12,181 research outputs found
Flexible Resolution of Authorisation Conflicts in Distributed Systems
Flexible Resolution of Authorisation Conflicts in Distributed System
A note on SPKI's authorisation syntax
Tuple reduction is the basic mechanism used in SPKI to make authorisation decisions. A basic problem with the SPKI authorisation syntax is that straightforward implementations of tuple reduction are quadratic in both time and space. In the paper we introduce a restricted version of the SPKI authorisation syntax, which appears to conform well with practice, and for which authorisation decisions can be made in nearly linear time
Semantic-based policy engineering for autonomic systems
This paper presents some important directions in the use of ontology-based semantics in achieving the vision of Autonomic Communications. We examine the requirements of Autonomic Communication with a focus on the demanding needs of ubiquitous computing environments, with an emphasis on the requirements shared with Autonomic Computing. We observe that ontologies provide a strong mechanism for addressing the heterogeneity in user task requirements, managed resources, services and context. We then present two complimentary approaches that exploit ontology-based knowledge in support of autonomic communications: service-oriented models for policy engineering and dynamic semantic queries using content-based networks. The paper concludes with a discussion of the major research challenges such approaches raise
A Shibboleth-protected privilege management infrastructure for e-science education
Simplifying access to and usage of large scale compute resources via the grid is of critical importance to encourage the uptake of e-research. Security is one aspect that needs to be made as simple as possible for end users. The ESP-Grid and DyVOSE projects at the National e-Science Centre (NeSC) at the University of Glasgow are investigating security technologies which will make the end-user experience of using the grid easier and more secure. In this paper, we outline how simplified (from the user experience) authentication and authorization of users are achieved through single usernames and passwords at users' home institutions. This infrastructure, which will be applied in the second year of the grid computing module part of the advanced MSc in Computing Science at the University of Glasgow, combines grid portal technology, the Internet2 Shibboleth Federated Access Control infrastructure, and the PERMS role-based access control technology. Through this infrastructure inter-institutional teaching can be supported where secure access to federated resources is made possible between sites. A key aspect of the work we describe here is the ability to support dynamic delegation of authority whereby local/remote administrators are able to dynamically assign meaningful privileges to remote/local users respectively in a trusted manner thus allowing for the dynamic establishment of virtual organizations with fine grained security at their heart
An Overview of a Grid Architecture for Scientific Computing
This document gives an overview of a Grid testbed architecture proposal for
the NorduGrid project. The aim of the project is to establish an inter-Nordic
testbed facility for implementation of wide area computing and data handling.
The architecture is supposed to define a Grid system suitable for solving data
intensive problems at the Large Hadron Collider at CERN. We present the various
architecture components needed for such a system. After that we go on to give a
description of the dynamics by showing the task flow
Supporting the clinical trial recruitment process through the grid
Patient recruitment for clinical trials and studies is a large-scale task. To test a given drug for example, it is desirable that as large a pool of suitable candidates is used as possible to support reliable assessment of often moderate effects of the drugs. To make such a recruitment campaign successful, it is necessary to efficiently target the petitioning of these potential subjects. Because of the necessarily large numbers involved in such campaigns, this is a problem that naturally lends itself to the paradigm of Grid technology. However the accumulation and linkage of data sets across clinical domain boundaries poses challenges due to the sensitivity of the data involved that are atypical of other Grid domains. This includes handling the privacy and integrity of data, and importantly the process by which data can be collected and used, and ensuring for example that patient involvement and consent is dealt with appropriately throughout the clinical trials process. This paper describes a Grid infrastructure developed as part of the MRC funded VOTES project (Virtual Organisations for Trials and Epidemiological Studies) at the National e-Science Centre in Glasgow that supports these processes and the different security requirements specific to this domain
HEP Applications Evaluation of the EDG Testbed and Middleware
Workpackage 8 of the European Datagrid project was formed in January 2001
with representatives from the four LHC experiments, and with experiment
independent people from five of the six main EDG partners. In September 2002
WP8 was strengthened by the addition of effort from BaBar and D0. The original
mandate of WP8 was, following the definition of short- and long-term
requirements, to port experiment software to the EDG middleware and testbed
environment. A major additional activity has been testing the basic
functionality and performance of this environment. This paper reviews
experiences and evaluations in the areas of job submission, data management,
mass storage handling, information systems and monitoring. It also comments on
the problems of remote debugging, the portability of code, and scaling problems
with increasing numbers of jobs, sites and nodes. Reference is made to the
pioneeering work of Atlas and CMS in integrating the use of the EDG Testbed
into their data challenges. A forward look is made to essential software
developments within EDG and to the necessary cooperation between EDG and LCG
for the LCG prototype due in mid 2003.Comment: Talk from the 2003 Computing in High Energy and Nuclear Physics
Conference (CHEP03), La Jolla, CA, USA, March 2003, 7 pages. PSN THCT00
- âŠ