Experiences in teaching grid computing to advanced level students

The development of teaching materials for future software engineers is critical to the long term success of the grid. At present however there is considerable turmoil in the grid community both within the standards and the technology base underpinning these standards. In this context, it is especially challenging to develop teaching materials that have some sort of lifetime beyond the next wave of grid middleware and standards. In addition, the current way in which grid security is supported and delivered has two key problems. Firstly in the case of the UK e-Science community, scalability issues arise from a central certificate authority. Secondly, the current security mechanisms used by the grid community are not line grained enough. In this paper we outline how these issues are being addressed through the development of a grid computing module supported by an advanced authorisation infrastructure at the University of Glasgow

DyVOSE project: experiences in applying privilege management infrastructures

Privilege Management Infrastructures (PMI) are emerging as a necessary alternative to authorization through Access Control Lists (ACL) as the need for finer grained security on the Grid increases in numerous domains. The 2-year JISC funded DyVOSE Project has investigated applying PMIs within an e-Science education context. This has involved establishing a Grid Computing module as part of Glasgow University’s Advanced MSc degree in Computing Science. A laboratory infrastructure was built for the students realising a PMI with the PERMIS software, to protect Grid Services they created. The first year of the course centered on building a static PMI at Glasgow. The second year extended this to allow dynamic attribute delegation between Glasgow and Edinburgh to support dynamic establishment of fine grained authorization based virtual organizations across multiple institutions. This dynamic delegation was implemented using the DIS (Delegation Issuing) Web Service supplied by the University of Kent. This paper describes the experiences and lessons learned from setting up and applying the advanced Grid authorization infrastructure within the Grid Computing course, focusing primarily on the second year and the dynamic virtual organisation setup between Glasgow and Edinburgh

Security oriented e-infrastructures supporting neurological research and clinical trials

The neurological and wider clinical domains stand to gain greatly from the vision of the grid in providing seamless yet secure access to distributed, heterogeneous computational resources and data sets. Whilst a wealth of clinical data exists within local, regional and national healthcare boundaries, access to and usage of these data sets demands that fine grained security is supported and subsequently enforced. This paper explores the security challenges of the e-health domain, focusing in particular on authorization. The context of these explorations is the MRC funded VOTES (Virtual Organisations for Trials and Epidemiological Studies) and the JISC funded GLASS (Glasgow early adoption of Shibboleth project) which are developing Grid infrastructures for clinical trials with case studies in the brain trauma domain

Designing privacy for scalable electronic healthcare linkage

A unified electronic health record (EHR) has potentially immeasurable benefits to society, and the current healthcare industry drive to create a single EHR reflects this. However, adoption is slow due to two major factors: the disparate nature of data and storage facilities of current healthcare systems and the security ramifications of accessing and using that data and concerns about potential misuse of that data. To attempt to address these issues this paper presents the VANGUARD (Virtual ANonymisation Grid for Unified Access of Remote Data) system which supports adaptive security-oriented linkage of disparate clinical data-sets to support a variety of virtual EHRs avoiding the need for a single schematic standard and natural concerns of data owners and other stakeholders on data access and usage. VANGUARD has been designed explicit with security in mind and supports clear delineation of roles for data linkage and usage

Grid infrastructures for secure access to and use of bioinformatics data: experiences from the BRIDGES project

The BRIDGES project was funded by the UK Department of Trade and Industry (DTI) to address the needs of cardiovascular research scientists investigating the genetic causes of hypertension as part of the Wellcome Trust funded (£4.34M) cardiovascular functional genomics (CFG) project. Security was at the heart of the BRIDGES project and an advanced data and compute grid infrastructure incorporating latest grid authorisation technologies was developed and delivered to the scientists. We outline these grid infrastructures and describe the perceived security requirements at the project start including data classifications and how these evolved throughout the lifetime of the project. The uptake and adoption of the project results are also presented along with the challenges that must be overcome to support the secure exchange of life science data sets. We also present how we will use the BRIDGES experiences in future projects at the National e-Science Centre

User-oriented security supporting inter-disciplinary life science research across the grid

Understanding potential genetic factors in disease or development of personalised e-Health solutions require scientists to access a multitude of data and compute resources across the Internet from functional genomics resources through to epidemiological studies. The Grid paradigm provides a compelling model whereby seamless access to these resources can be achieved. However, the acceptance of Grid technologies in this domain by researchers and resource owners must satisfy particular constraints from this community - two of the most critical of these constraints being advanced security and usability. In this paper we show how the Internet2 Shibboleth technology combined with advanced authorisation infrastructures can help address these constraints. We demonstrate the viability of this approach through a selection of case studies across the complete life science spectrum

User oriented access to secure biomedical resources through the grid

The life science domain is typified by heterogeneous data sets that are evolving at an exponential rate. Numerous post-genomic databases and areas of post-genomic life science research have been established and are being actively explored. Whilst many of these databases are public and freely accessible, it is often the case that researchers have data that is not so freely available and access to this data needs to be strictly controlled when distributed collaborative research is undertaken. Grid technologies provide one mechanism by which access to and integration of federated data sets is possible. Combining such data access and integration technologies with fine grained security infrastructures facilitates the establishment of virtual organisations (VO). However experience has shown that the general research (non-Grid) community are not comfortable with the Grid and its associated security models based upon public key infrastructures (PKIs). The Internet2 Shibboleth technology helps to overcome this through users only having to log in to their home site to gain access to resources across a VO – or in Shibboleth terminology a federation. In this paper we outline how we have applied the combination of Grid technologies, advanced security infrastructures and the Internet2 Shibboleth technology in several biomedical projects to provide a user-oriented model for secure access to and usage of Grid resources. We believe that this model may well become the de facto mechanism for undertaking e-Research on the Grid across numerous domains including the life sciences

Single sign-on and authorization for dynamic virtual organizations

The vision of the Grid is to support the dynamic establishment and subsequent management of virtual organizations (VO). To achieve this presents many challenges for the Grid community with perhaps the greatest one being security. Whilst Public Key Infrastructures (PKI) provide a form of single sign-on through recognition of trusted certification authorities, they have numerous limitations. The Internet2 Shibboleth architecture and protocols provide an enabling technology overcoming some of the issues with PKIs however Shibboleth too suffers from various limitations that make its application for dynamic VO establishment and management difficult. In this paper we explore the limitations of PKIs and Shibboleth and present an infrastructure that incorporates single sign-on with advanced authorization of federated security infrastructures and yet is seamless and targeted to the needs of end users. We explore this infrastructure through an educational case study at the National e-Science Centre (NeSC) at the University of Glasgow and Edinburgh

Brief loving-kindness meditation reduces racial bias, mediated by positive other-regarding emotions

The relationship between positive emotions and implicit racial prejudice is unclear. Interventions using positive emotions to reduce racial bias have been found wanting, while other research shows that positive affect can sometimes exacerbate implicit prejudice. Nevertheless, loving-kindness meditation (LKM) has shown some promise as a method of reducing bias despite increasing a broad range of positive emotions. A randomised control trial (n = 69) showed that a short-term induction of LKM decreased automatic processing, increased controlled processing, and was sufficient to reduce implicit prejudice towards the target’s racial group but not towards a group untargeted by the meditation. Furthermore, the reduction in bias was shown to be mediated by other-regarding positive emotions alongside increased control and decreased automaticity on the IAT. Non-other-regarding positive emotions conversely showed no correlation with bias. The study is the first to show that a short-term positive emotional induction can reduce racial prejudice, and aids the understanding of how positive emotions functionally differentiate in affecting bias

Later-life crisis: Towards a holistic model

Crisis episodes have been most commonly associated with midlife, and correspondingly research on crisis after midlife is marked by its absence. Here, we report findings from a retrospective interview-based study of 21 adults about crises occurring between the ages of 60 and 69, in the first attempt to explore the holistic structure, process and experiential contents of later-life crisis. Basing our analysis on existing models of late-adult development, four key areas of later-life crisis were explored as follows: (1) life events and relationships, (2) self and identity, (3) motivation and goals and (4) cognition and affect. We were able to define a provisional common holistic process to later-life crisis episodes, shared by all participants, which included multiple loss-inducing stressful life events that provide a cumulative challenge to coping resources, a struggle with ego integrity, increased mortality awareness and the re-scaling of goals, activities and roles in ways that pertain to re-engagement, continuity or disengagement. Findings are discussed in relation to theories of adult development in later life, while strategies are proposed for future research on this understudied area