Presentation is loading. Please wait.

Presentation is loading. Please wait.

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

Published byJeffry Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,"— Presentation transcript:

1 May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division, Fermilab Gabriele Garzoglio

2 May 8, 20072/15 VO Services Project – Status Report Gabriele Garzoglio Overview Status Effort Closing Phase II –Phase I closed as VO Privilege Project on transition from Ian Fisk a year ago Phase III ?

3 May 8, 20073/15 VO Services Project – Status Report Gabriele Garzoglio Project Definition From Project Database: “The VO Services project provides user registration services and fine-graned access management to computing and storage resources on the Grid.”

4 May 8, 20074/15 VO Services Project – Status Report Gabriele Garzoglio synchronizes VO Services Architecture

5 May 8, 20075/15 VO Services Project – Status Report Gabriele Garzoglio WBS Update since last status Nov 2006 Support ongoing for all of the above. Integration with ML not needed - ML deprecated on OSG GUMS monitor in place at GOC. Still want to improve validation framework Scalability measur. by end of Phase II

6 May 8, 20076/15 VO Services Project – Status Report Gabriele Garzoglio Memory leak fix released to all of OSG. GUMS release V1.2 developed and in test addresses many but not all requests GPlazma deployed. gLExec deployed (see Igor’s talk)

7 May 8, 20077/15 VO Services Project – Status Report Gabriele Garzoglio VOMRS developments done (see slides from Tanya) Work on longer term roadmap proceeding and now defined as VO Services / Grid Security Services Phase III.

8 May 8, 20078/15 VO Services Project – Status Report Gabriele Garzoglio Deployment on OSG The authorization system GUMS has been deployed at O(10) sites –US CMS T2 centers and T1 at FNAL –US ATLAS T2 centers and T1 at BNL –FermiGrid (includes SAZ) et al. US CMS, US ATLAS, DZero, et al. have defined roles that are implemented within VOMS. Sites configure GUMS (PDP) to implement local identity mapping

9 May 8, 20079/15 VO Services Project – Status Report Gabriele Garzoglio Effort Disclaimer: effort from John Weigand NOT reported (~20%) Change of Project Leadership Start Phase II New Reporting Activities

10 May 8, 200710/15 VO Services Project – Status Report Gabriele Garzoglio Closing Project Phase II Deliverable of Phase II are due in the time scale of OSG V0.8.0 release (Aug 07): GUMS v1.2 implementing most of WBS items above. LIGO Authentication Requirements (see Igor’s Talk) gLExec deployment for CDF/CMS (see Igor’s Talk). –Will be in VDT. gPlazma –Deployment underway. Further development and maintenance part of dCache. –Storage role/access requirements part of Phase III VOMRS 1.3. Part of VDT release 1.6.1 in May 2006. –CERN (01/07), Fermilab (04/07), APAC (11/06)

11 May 8, 200711/15 VO Services Project – Status Report Gabriele Garzoglio New Request from OSG Document current use of credential attributes precisely and completely. –Document how attributes are used by VOs and Sites. –Due for OSG Blueprint meeting Jun 7. –Identify inconsistencies. –Record typical sites configurations. Use as a basis in OSG and at Fermilab to discuss future directions.

12 May 8, 200712/15 VO Services Project – Status Report Gabriele Garzoglio Options for Phase III? Phase II of the project is minimally operations and maintenance for the stakeholders. Will require ~0.5 FTE. –May be new requirements to meet interoperability with EGEE once Job Prioritization really in use. –May be new requirements to meet security requirements of Fermilab and other sites. Could include completing current requests for GUMS (V2.0) (~6 FTE months. Request for BNL to continue OSG support for GUMS development is under discussion). Improve: –configuration management (hot swapping configs) –usability (access historical mapping information, full role-mapping to pool accounts) –debugging capabilities –redundant service configurations (with FermiGrid)

13 May 8, 200713/15 VO Services Project – Status Report Gabriele Garzoglio Goals for Phase III ? Interface/integrate/migrate OSG AuthZ components more into emerging standards. Set path for less effort in the future Prepare for use of new AuthN mechanisms (ie Shiboleth). VOMRS –Interface to Shib; Use more standard workflow engine, persistency, UI technology Accounting integration : Interface roles GRAM-Auditing and Gratia Support finer-grain access to Storage –SRM/dCache does not manage privileges directly via X509 credential attributes. UID, GID, Root Path, … mappings are required. –Stakeholders are interested in supporting combinations of read / write accesses to files / directories by VO, VO groups, and group roles. Improve software stack validation and regression tests across releases. Ongoing OSG - EGEE AuthZ interoperability. Already started: –Globus develops the common library (based on XACML2/SAML2): β-version released on schedule (Apr 07). –Understanding and feeding back OSG and EGEE requirements: implementation of some key features estimated for June –Holding regular meetings (Oct 06, Feb 07, Mar 07, Apr 07, planned Jun 07)

14 May 8, 200714/15 VO Services Project – Status Report Gabriele Garzoglio What about Policy ? Currently no mechanism to define VO authorization policies and apply them consistently across sites. –SBIR Phase I grant approved More maintainable authentication management by implementing certificate validation service site-centralized. Integration with distributed Identity Management Services (Shibboleth)

15 May 8, 200715/15 VO Services Project – Status Report Gabriele Garzoglio How do we decide the roadmap? Complete Phase II in August. Review and respond to “Credential Attribute Usage Paper”. Establish commitment of EGEE to common protocols: Visit to EGEE in June. Establish commitment of Globus to collaboration: Deliverables in progress. Update the requirements of stakeholders for Policy definition and enforcement. Briefing to CD in July as part of the activity based budget planning?

Download ppt "May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,"

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.

Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.
Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.
Site Authorization Service (SAZ) at Fermilab Vijay Sekhri and Igor Mandrichenko Fermilab CHEP03, March 25, 2003.

Site Authorization Service (SAZ) at Fermilab Vijay Sekhri and Igor Mandrichenko Fermilab CHEP03, March 25, 2003.
GUMS status Gabriele Carcassi PPDG Common Project 12/9/2004.

GUMS status Gabriele Carcassi PPDG Common Project 12/9/2004.
OSG AuthZ Architecture AuthZ Components Legend VO Management Services Grid Site GUMS Site Services SAZ CE Gatekeeper Prima Is Auth? Yes / No SE SRM gPlazma.

OSG AuthZ Architecture AuthZ Components Legend VO Management Services Grid Site GUMS Site Services SAZ CE Gatekeeper Prima Is Auth? Yes / No SE SRM gPlazma.
Implementing Finer Grained Authorization in the Open Science Grid Gabriele Carcassi, Ian Fisk, Gabriele, Garzoglio, Markus Lorch, Timur Perelmutov, Abhishek.

Implementing Finer Grained Authorization in the Open Science Grid Gabriele Carcassi, Ian Fisk, Gabriele, Garzoglio, Markus Lorch, Timur Perelmutov, Abhishek.
VOMRS/VOMS-Admin 2.0.x 2.5.x comparison Mar 28, 2008 Middleware Security Group Meeting Tanya Levshina and Gabriele Garzoglio Computing Division, Fermilab.

VOMRS/VOMS-Admin 2.0.x 2.5.x comparison Mar 28, 2008 Middleware Security Group Meeting Tanya Levshina and Gabriele Garzoglio Computing Division, Fermilab.
1 Software & Grid Middleware for Tier 2 Centers Rob Gardner Indiana University DOE/NSF Review of U.S. ATLAS and CMS Computing Projects Brookhaven National.

1 Software & Grid Middleware for Tier 2 Centers Rob Gardner Indiana University DOE/NSF Review of U.S. ATLAS and CMS Computing Projects Brookhaven National.
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
Jan 2010 Current OSG Efforts and Status, Grid Deployment Board, Jan 12 th 2010 OSG has weekly Operations and Production Meetings including US ATLAS and.

Jan 2010 Current OSG Efforts and Status, Grid Deployment Board, Jan 12 th 2010 OSG has weekly Operations and Production Meetings including US ATLAS and.
Open Science Grid Software Stack, Virtual Data Toolkit and Interoperability Activities D. Olson, LBNL for the OSG www.opensciencegrid.org International.

Open Science Grid Software Stack, Virtual Data Toolkit and Interoperability Activities D. Olson, LBNL for the OSG International.
OSG Security Review Mine Altunay June 19, 2008. June 19, 2008 2 Security Overview Current Initiatives  Incident response procedure – top priority (WBS.

OSG Security Review Mine Altunay June 19, June 19, Security Overview Current Initiatives  Incident response procedure – top priority (WBS.
OSG Services at Tier2 Centers Rob Gardner University of Chicago WLCG Tier2 Workshop CERN June 12-14, 2006.

OSG Services at Tier2 Centers Rob Gardner University of Chicago WLCG Tier2 Workshop CERN June 12-14, 2006.
OSG Middleware Roadmap Rob Gardner University of Chicago OSG / EGEE Operations Workshop CERN June 19-20, 2006.

OSG Middleware Roadmap Rob Gardner University of Chicago OSG / EGEE Operations Workshop CERN June 19-20, 2006.
VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.

VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.
Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.

Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.
PanDA Multi-User Pilot Jobs Maxim Potekhin Brookhaven National Laboratory Open Science Grid WLCG GDB Meeting CERN March 11, 2009.

PanDA Multi-User Pilot Jobs Maxim Potekhin Brookhaven National Laboratory Open Science Grid WLCG GDB Meeting CERN March 11, 2009.
Mine Altunay OSG Security Officer Open Science Grid: Security Gateway Security Summit January 28-30, 2008 San Diego Supercomputer Center.

Mine Altunay OSG Security Officer Open Science Grid: Security Gateway Security Summit January 28-30, 2008 San Diego Supercomputer Center.
SAMGrid as a Stakeholder of FermiGrid Valeria Bartsch Computing Division Fermilab.

SAMGrid as a Stakeholder of FermiGrid Valeria Bartsch Computing Division Fermilab.

Similar presentations

Ads by Google