Security for Grid Services

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations." The dynamic and multi-institutional nature of these environments introduces challenging security issues that demand new technical approaches. In particular, one must deal with diverse local mechanisms, support dynamic creation of services, and enable dynamic creation of trust domains. We describe how these issues are addressed in two generations of the Globus Toolkit. First, we review the Globus Toolkit version 2 (GT2) approach; then, we describe new approaches developed to support the Globus Toolkit version 3 (GT3) implementation of the Open Grid Services Architecture, an initiative that is recasting Grid concepts within a service oriented framework based on Web services. GT3's security implementation uses Web services security mechanisms for credential exchange and other purposes, and introduces a tight least-privilege model that avoids the need for any privileged network service.Comment: 10 pages; 4 figure

Designing and Handling Failure issues in a Structured Overlay Network Based Grid

Grid computing is the computing paradigm that is concerned with coordinated resource sharing and problem solving in dynamic, autonomous multi-institutional virtual organizations. Data exchange and service allocation between virtual organizations are challenging problems in the field of Grid computing, due to the decentralization of Grid systems. The resource management in a Grid system ensures efficiency and usability. The required efficiency and usability of Grid systems can be achieved by building a decentralized multi-virtual Grid system. In this thesis we present a decentralized multi-virtual resource management framework in which the system is divided into virtual organizations, each controlled by a broker. An overlay network of brokers is responsible for global resource management and managing the allocation of services. We address two main issues for both local and global resource management: 1) decentralized allocation of tasks to suitable nodes to achieve both local and global load balancing; and 2) handling of both regular and broker failures. Experimental results verify that the system achieves dependable performance with various loads of services and broker failures

Single sign-on and authorization for dynamic virtual organizations

The vision of the Grid is to support the dynamic establishment and subsequent management of virtual organizations (VO). To achieve this presents many challenges for the Grid community with perhaps the greatest one being security. Whilst Public Key Infrastructures (PKI) provide a form of single sign-on through recognition of trusted certification authorities, they have numerous limitations. The Internet2 Shibboleth architecture and protocols provide an enabling technology overcoming some of the issues with PKIs however Shibboleth too suffers from various limitations that make its application for dynamic VO establishment and management difficult. In this paper we explore the limitations of PKIs and Shibboleth and present an infrastructure that incorporates single sign-on with advanced authorization of federated security infrastructures and yet is seamless and targeted to the needs of end users. We explore this infrastructure through an educational case study at the National e-Science Centre (NeSC) at the University of Glasgow and Edinburgh

Supporting security-oriented, collaborative nanoCMOS electronics research

Grid technologies support collaborative e-Research typified by multiple institutions and resources seamlessly shared to tackle common research problems. The rules for collaboration and resource sharing are commonly achieved through establishment and management of virtual organizations (VOs) where policies on access and usage of resources by collaborators are defined and enforced by sites involved in the collaboration. The expression and enforcement of these rules is made through access control systems where roles/privileges are defined and associated with individuals as digitally signed attribute certificates which collaborating sites then use to authorize access to resources. Key to this approach is that the roles are assigned to the right individuals in the VO; the attribute certificates are only presented to the appropriate resources in the VO; it is transparent to the end user researchers, and finally that it is manageable for resource providers and administrators in the collaboration. In this paper, we present a security model and implementation improving the overall usability and security of resources used in Grid-based e-Research collaborations through exploitation of the Internet2 Shibboleth technology. This is explored in the context of a major new security focused project at the National e-Science Centre (NeSC) at the University of Glasgow in the nanoCMOS electronics domain

Secure Data Sharing With AdHoc

In the scientific circles, there is pressing need to form temporary and dynamic collaborations to share diverse resources (e.g. data, an access to services, applications or various instruments). Theoretically, the traditional grid technologies respond to this need with the abstraction of a Virtual Organization (VO). In practice its procedures are characterized by latency, administrative overhead and are inconvenient to its users. We would like to propose the Manifesto for Secure Sharing. The main postulate is that users should be able to share data and resources by themselves without any intervention on the system administrator's side. In addition, operating an intuitive interface does not require IT skills. AdHoc is a resource sharing interface designed for users willing to share data or computational resources within seconds and almost effortlessly. The AdHoc application is built on the top of traditional security frameworks, such as the PKI X.509 certificate scheme, Globus GSI, gLite VOMS and Shibboleth. It enables users rapid and secure collaboration

Management of e-Resources in R amp; D Centers: A Case Study of the Information Center at NAL13;

The developments in information technology and their applications to library and information services have given new dimension to the entire spectrum of information management. The information generated is usually stored in four physical media: paper, film, optical, and magnetic disks. The e-document be it a book, journal, technical report, conference proceedings is portable; has random access to its contents; and the document can also be a multimedia object, in that it may contain not only text, but also graphics, drawings, photographs or video. Now we have the emergence of publications over the electronic networks and the activity took off in a big way following the invention of the World Wide Web. The Open Access movement is becoming the order of the day. More than 3000 journals are free on net for anybody to access. A number of Institutional repositories and e-Prints archives have thrown challenge to the publishing industry. Consortium approach through different pricing, management and licensing models is enabling the libraries to provide access to thousands of e- journals, e-books and other kinds of e-documents. The Information center at NAL with its state-of-the-art library has progressed a good deal in this direction by acquiring different kind of documents especially e-form, cataloguing amp; processing them appropriately, storing and giving access to its patrons not only in library premises, but on to the desk tops spread in three different campuses through laboratory LAN and also extending selected services through Internet for the benefit of any body from any part of the world. 13; Created and maintained by ICAST the Portal x2018;AeroInfox2019; (www.aeroinfo.org.in) serves as one window information search facility for Web sources in aerospace science and technology. This virtual library facilitates multiple approach to information seekers as the web sources are indexed and organised using different schemes of classification including NASA subject categories. Care is taken to cover Indian aerospace sources exhaustively. The ICAST site (www.icast.org.in), apart from giving detailed information about library sources including books, journals, E-journals, databases and technical reports makes available different search tools for its users. Other details like working hours, library rules, staff details, contact persons, etc are provided. One can submit an online query and suggest documents for acquisition using online forms provided. The Library Database (OPAC) is probably is single largest in the country with more than 3.25 lakh bibliographic records of books, technical reports, patents, standards, journals, etc. ICAST users can search International databases like Aerospace Database, NTIS, J-Gate, Medline, etc through campus LAN. Users can access more than 2500 full text journals covering titles published by Elsevier (ScienceDirect), ASME, AIAA, Springer, John Wiley, OUP, CUP, AMS, World Scientific, few Annual Series, etc. Created by ICAST an e-journals gateway with browse and search (alphabetical and subject wise) facility for titles provides access to more than 700 journals available free on the net. The Centre provides a number of web/e-mail based innovative information services including Journal Contents Service, News Clipping Service, Monthly Documents Additions Lists covering both Books and Technical Reports, Web Alert Service and Union Catalogue of Journals -CSIR and Aerospace Libraries, etc

Measuring the degree of virtualization. An empirical analysis in two Austrian industries.

Strategic management literature suggests that especially in young and dynamic industries Virtual Corporations are more likely to emerge, as this type of organization is flexible enough to deal with rapidly changing environments. This paper challenges the proposition that environ-mental uncertainty and technological change lead to organizational adaptation towards virtual structures. We analyzed companies of two Austrian industries, data processing and engineering, which are characterized by different rates of innovation and environmental uncertainty, and compare their strategic, structural, and process characteristics by measuring their Degree of Virtualization. Results indicate almost no difference in the Degree of Virtualization. From these findings, we draw implications for the theoretical concept of Virtual Corpora-tions as well as for empirical research. (author's abstract)Series: Report Series SFB "Adaptive Information Systems and Modelling in Economics and Management Science

Volunteering

In recent decades, there has been a burgeoning interest in the study of volunteering, and the number of publications devoted to volunteering has grown exponentially. In this chapter, we examine emerging theories and new directions in volunteering research. First, we discuss multi-level perspectives that try to understand volunteering in complex interaction with the organizational and institutional context. Next, we present process-oriented approaches that focus on the experience of volunteering, as it changes through different stages of organizational socialization, and as a consequence of broader societal and sector-wide transformations. Finally, in the light of these sector changes, new methods of social accounting have emerged that expand traditional financial statements of nonprofits to account for volunteer labor. This review Demonstrates that, as research on volunteering further expands, it tends to grow in its diversity of questions and viewpoints, and to reflect the complex and dynamic nature of volunteering more precisely

SMEs; Virtual research and development (R&D) teams and new product development: A literature review

Small and medium-sized enterprises (SMEs) are indeed the engines of global economic growth. Their continued growth is a major subject for the economy and employment of any country. Towards that end, virtual research and development (R&D) could be a viable option to sustain and ease the operations of SMEs. However, literature shows there has not been a great deal of research into the diverse characteristic of virtual R&D teams in SMEs. This article provides a comprehensive literature review on different aspects of virtual R&D teams collected from the reputed publications. The purpose of the literature review is to provide an outline on the structure and dynamics of R&D collaboration in SMEs. Specifying the rationale and relevance of virtual teams, the relationship between virtual R&D team for SMEs and new product development (NPD) has been examined. It concludes with identifying the gaps and feebleness in the existing literature and calls for future research in this area. It is argued to form of virtual R&D team deserves consideration at top level management for venturing into the new product development within SMEs

Global Grids and Software Toolkits: A Study of Four Grid Middleware Technologies

Grid is an infrastructure that involves the integrated and collaborative use of computers, networks, databases and scientific instruments owned and managed by multiple organizations. Grid applications often involve large amounts of data and/or computing resources that require secure resource sharing across organizational boundaries. This makes Grid application management and deployment a complex undertaking. Grid middlewares provide users with seamless computing ability and uniform access to resources in the heterogeneous Grid environment. Several software toolkits and systems have been developed, most of which are results of academic research projects, all over the world. This chapter will focus on four of these middlewares--UNICORE, Globus, Legion and Gridbus. It also presents our implementation of a resource broker for UNICORE as this functionality was not supported in it. A comparison of these systems on the basis of the architecture, implementation model and several other features is included.Comment: 19 pages, 10 figure