9 research outputs found
Security for Grid Services
Grid computing is concerned with the sharing and coordinated use of diverse
resources in distributed "virtual organizations." The dynamic and
multi-institutional nature of these environments introduces challenging
security issues that demand new technical approaches. In particular, one must
deal with diverse local mechanisms, support dynamic creation of services, and
enable dynamic creation of trust domains. We describe how these issues are
addressed in two generations of the Globus Toolkit. First, we review the Globus
Toolkit version 2 (GT2) approach; then, we describe new approaches developed to
support the Globus Toolkit version 3 (GT3) implementation of the Open Grid
Services Architecture, an initiative that is recasting Grid concepts within a
service oriented framework based on Web services. GT3's security implementation
uses Web services security mechanisms for credential exchange and other
purposes, and introduces a tight least-privilege model that avoids the need for
any privileged network service.Comment: 10 pages; 4 figure
Initialising and Terminating Active Contours for Vague Field Crisping
An emerging class of data-intensive applications involve the geographically
dispersed extraction of complex scientific information from very large
collections of measured or computed data. Such applications arise, for example,
in experimental physics, where the data in question is generated by
accelerators, and in simulation science, where the data is generated by
supercomputers. So-called Data Grids provide essential infrastructure for such
applications, much as the Internet provides essential services for applications
such as e-mail and the Web. We describe here two services that we believe are
fundamental to any Data Grid: reliable, high-speed transporet and replica
management. Our high-speed transport service, GridFTP, extends the popular FTP
protocol with new features required for Data Grid applciations, such as
striping and partial file access. Our replica management service integrates a
replica catalog with GridFTP transfers to provide for the creation,
registration, location, and management of dataset replicas. We present the
design of both services and also preliminary performance results. Our
implementations exploit security and other services provided by the Globus
Toolkit.Comment: 15 page
X.509 proxy certificates for dynamic delegation
Proxy credentials are commonly used in security systems when one entity wishes to grant to another entity some set of its privileges. We have defined and standardized X.509 Proxy Certificates for the purpose of providing restricted proxying and delegation within a PKI-based authentication system. We present here our motivations for this work coming from our efforts in Grid security, the Proxy Certificate itself, and our experiences in implementation and deployment.
Efficient Data Transport and Replica Management for High-Performance Data-Intensive Computing
After studying data-intensive, high-performance computing applications such as highenergy physics and climate modeling, we conclude that these applications require two fundamental data management services: secure, reliable, efficient transfer of data in wide area environments and the ability to register and locate multiple copies of data sets. In this paper, we present our design of these services in the Globus grid computing environment. We also describe the performance of our current implementation.
Secure, Efficient Data Transport and Replica Management for
An emerging class of data-intensive applications involve the geographically dispersed extraction of complex scientific information from very large collections of measured or computed data. Such applications arise, for example, in experimental physics, where the data in question is generated by accelerators, and in simulation science, where the data is generated by supercomputers. So-called Data Grids provide essential infrastructure for such applications, much as the Internet provides essential services for applications such as e-mail and the Web. We describe here two services that we believe are fundamental to any Data Grid: reliable, high-speed transport and replica management. Our high-speed transport service, GridFTP, extends the popular FTP protocol with new features required for Data Grid applications, such as striping and partial file access. Our replica management service integrates a replica catalog with GridFTP transfers to provide for the creation, registration, location, and management of dataset replicas. We present the design of both services and also preliminary performance results. Our implementations exploit security and other services provided by the Globus Toolkit