Presentation is loading. Please wait.

Presentation is loading. Please wait.

Supporting further and higher education Grid Security: Present and Future Alan Robiette, JISC Development Group.

Published byRachel Crawford Modified over 10 years ago

Similar presentations

Presentation on theme: "Supporting further and higher education Grid Security: Present and Future Alan Robiette, JISC Development Group."— Presentation transcript:

1 Supporting further and higher education Grid Security: Present and Future Alan Robiette, JISC Development Group

2 5 Dec 2002Grid Security Workshop2 Overview Existing Grid security model The Grid Security Infrastructure (GSI) Web services and security models for web services (WS-Security) Security architecture for the Open Grid Services Architecture (OGSA) References for further reading

3 5 Dec 2002Grid Security Workshop3 The Grid today Globus Toolkit v2 – Grid Security Infrastructure (GSI) Two core concepts X.509 digital certificates used as identity credentials Short-lived proxy certificates used to delegate identity temporarily to other processes Standard tools (e.g. GridFTP) modified for authentication via certificates

4 5 Dec 2002Grid Security Workshop4 Authorisation Authentication (knowing who you are dealing with) is reasonably secure in Globus v2 Authorisation (managing access to resources on the basis of an individuals attributes or role) is a much more open question Available solutions are immature, or not well tested in practical circumstances

5 5 Dec 2002Grid Security Workshop5 Web services The concept of web services is a hot topic in commercial circles Web services are self-describing services which can interact in a machine-to-machine mode, with little or no human intervention Intended to improve the efficiency of business-to-business processes Common verbs: publish, locate, bind

6 5 Dec 2002Grid Security Workshop6 Web services diagram

7 5 Dec 2002Grid Security Workshop7 Implementation Most commonly implemented using XML Service descriptions written is WSDL (Web Services Description Language) Services communicate via messages expressed in SOAP (Simple Object Access Protocol) All over http and Port 80 … Security for Web services is a question of securing SOAP message exchanges

8 5 Dec 2002Grid Security Workshop8 WS-Security First roadmaps and draft specifications published April 2002 by IBM, Microsoft and Verisign Standardisation activity now transferred to the OASIS-Open consortium http://www.oasis-open.org/committees/wss/ Very complex model (next slide)

9 5 Dec 2002Grid Security Workshop9 WS-Security model

10 5 Dec 2002Grid Security Workshop10 Open Grid services OGSA (Open Grid Services Architecture) is billed as the future of the Grid Builds on web services concept but extends it significantly E.g. Grid processes typically may need to invoke transient services Concept of service factory

11 5 Dec 2002Grid Security Workshop11 OGSA security Correspondingly builds on web services security But requires significant extensions to cope with the virtual organisation problem Unlike the relatively homogenous approach of GSI, OGSA security envisages translation and mapping of security parameters (e.g. credentials) between different domains

12 5 Dec 2002Grid Security Workshop12 OGSA security services

13 5 Dec 2002Grid Security Workshop13 Another view

14 5 Dec 2002Grid Security Workshop14 Conclusions Globus/GSI today is fairly stable, with authorisation the main outstanding problem WS-Security will get there in time Though implementations may vary in how complete they are OGSA Security (Globus v3) is an ambitious target And there is a good way still to go!

15 5 Dec 2002Grid Security Workshop15 References Globus version 2 and GSI –http://www.globus.org/security/ –http://www.gridforum.org/2_SEC/GSI.htm Web services and WS-Security –http://www.w3.org/2002/ws/ –http://www.oasis-open.org/committees/wss/ OGSA security –http://www.globus.org/ogsa/security/ –http://www.gridforum.org/2_SEC/ogsa-sec.htm

16 Supporting further and higher education Questions?

Download ppt "Supporting further and higher education Grid Security: Present and Future Alan Robiette, JISC Development Group."

Similar presentations

BPEL4WS Business Process Execution Language for Web Services Jim Clark eBusiness Strategist jimclark@microsoft.com.

BPEL4WS Business Process Execution Language for Web Services Jim Clark eBusiness Strategist
EDOC 2004 - MDSW Workshop1 An MDA-based Approach for Facilitating Adoption of Semantic Web Service Technology Dr. Gerald Gannod –

EDOC MDSW Workshop1 An MDA-based Approach for Facilitating Adoption of Semantic Web Service Technology Dr. Gerald Gannod –
Codata Workshop1 V iNCES – Weblabs on ecosystem services Pedro Luiz Pizzigatti Corrêa Universidade de São Paulo - Brazil Agricultural Automation Laboratory.

Codata Workshop1 V iNCES – Weblabs on ecosystem services Pedro Luiz Pizzigatti Corrêa Universidade de São Paulo - Brazil Agricultural Automation Laboratory.
June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)

June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)
Retrieve ECG for Display Profile Retrieve ECG for Display Profile John Donnelly IHE-Cardiology Planning Committee.

Retrieve ECG for Display Profile Retrieve ECG for Display Profile John Donnelly IHE-Cardiology Planning Committee.
14 Apr 2005 VOEvent workshop1 XML Schema and the VO Registry Matthew J. Graham CACR/Caltech T HE US N ATIONAL V IRTUAL O BSERVATORY.

14 Apr 2005 VOEvent workshop1 XML Schema and the VO Registry Matthew J. Graham CACR/Caltech T HE US N ATIONAL V IRTUAL O BSERVATORY.
Web Services Technology Topics The boring stuff. WSRF Web Services Resource Framework –managing stateful resources using web services standards Driven.

Web Services Technology Topics The boring stuff. WSRF Web Services Resource Framework –managing stateful resources using web services standards Driven.
Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.

Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.
7th xbrl workshop1 CENTRAL BANK OF CYPRUS IMPLEMENTATION OF COREP & XBRL VII European Banking Supervisors XBRL Workshop Munich, 9 May 2007.

7th xbrl workshop1 CENTRAL BANK OF CYPRUS IMPLEMENTATION OF COREP & XBRL VII European Banking Supervisors XBRL Workshop Munich, 9 May 2007.
Getting Started: Launching the Writing Workshop Writing Unit 1 - Getting Started: Launching the Writing Workshop 1.

Getting Started: Launching the Writing Workshop Writing Unit 1 - Getting Started: Launching the Writing Workshop 1.
UK Role in Open Grid Services Architecture Towards an Architectural Road Map A Report to the Technical Advisory Group from The Architecture Task Force.

UK Role in Open Grid Services Architecture Towards an Architectural Road Map A Report to the Technical Advisory Group from The Architecture Task Force.
® IBM Software Group © 2003 IBM Corporation IBM Position W3C Enterprise Web Services WS Christopher Ferris Senior Technical Staff Member Feb, 2007.

® IBM Software Group © 2003 IBM Corporation IBM Position W3C Enterprise Web Services WS Christopher Ferris Senior Technical Staff Member Feb, 2007.
Web Service Architecture

Web Service Architecture
Overview of Web Services

Overview of Web Services
Service Description: WSDL COMP6017 Topics on Web Services Dr Nicholas Gibbins – 2013-2014.

Service Description: WSDL COMP6017 Topics on Web Services Dr Nicholas Gibbins –
Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE -

Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE -
Mardi 30 mars 2010 Lavoisier : a way to integrate heteregeneous monitoring systems. Cyril LOrphelin IN2P3/CNRS Computing Centre, Lyon, France.

Mardi 30 mars 2010 Lavoisier : a way to integrate heteregeneous monitoring systems. Cyril LOrphelin IN2P3/CNRS Computing Centre, Lyon, France.
31242/32549 Advanced Internet Programming Advanced Java Programming

31242/32549 Advanced Internet Programming Advanced Java Programming
UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
At a glance (Project Management Methodology) at a glance (Project Management Methodology) Pierre Bonnal DG-DI Maintenance Management Workshop 25 th November.

At a glance (Project Management Methodology) at a glance (Project Management Methodology) Pierre Bonnal DG-DI Maintenance Management Workshop 25 th November.

Similar presentations

Ads by Google