Viet Tran Institute of Informatics Slovakia

Slides:



Advertisements
Similar presentations
Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
Advertisements

WP2: Data Management Gavin McCance University of Glasgow November 5, 2001.
Security Daniel Mallmann MWSG meeting Amsterdam December 2005.
GridFTP: File Transfer Protocol in Grid Computing Networks
Grid Security. Typical Grid Scenario Users Resources.
Holding slide prior to starting show. Supporting Collaborative Working of Construction Industry Consortia via the Grid - P. Burnap, L. Joita, J.S. Pahwa,
MTA SZTAKI Hungarian Academy of Sciences Grid Computing Course Porto, January Introduction to Grid portals Gergely Sipos
Seminar Grid Computing ‘05 Hui Li Sep 19, Overview Brief Introduction Presentations Projects Remarks.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
USING THE GLOBUS TOOLKIT This summary by: Asad Samar / CALTECH/CMS Ben Segal / CERN-IT FULL INFO AT:
Globus Toolkit 4 hands-on Gergely Sipos, Gábor Kecskeméti MTA SZTAKI
11 DICOM Image Communication in Globus-Based Medical Grids Michal Vossberg, Thomas Tolxdorff, Associate Member, IEEE, and Dagmar Krefting Ting-Wei, Chen.
The Globus Toolkit Gary Jackson. Introduction The Globus Toolkit is a product of the Globus Alliance ( It is middleware for developing.
Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © Chapter 1, pp For educational use only.
Office of Science U.S. Department of Energy Grids and Portals at NERSC Presented by Steve Chan.
1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.
Data Grids: Globus vs SRB. Maturity SRB  Older code base  Widely accepted across multiple communities  Core components are tightly integrated Globus.
4b.1 Grid Computing Software Components of Globus 4.0 ITCS 4010 Grid Computing, 2005, UNC-Charlotte, B. Wilkinson, slides 4b.
Globus Computing Infrustructure Software Globus Toolkit 11-2.
Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.
Grid Toolkits Globus, Condor, BOINC, Xgrid Young Suk Moon.
- 1 - Grid Programming Environment (GPE) Ralf Ratering Intel Parallel and Distributed Solutions Division (PDSD)
National Computational Science National Center for Supercomputing Applications National Computational Science MyProxy: An Online Credential Repository.
TeraGrid Information Services John-Paul “JP” Navarro TeraGrid Grid Infrastructure Group “GIG” Area Co-Director for Software Integration and Information.
Data Management Kelly Clynes Caitlin Minteer. Agenda Globus Toolkit Basic Data Management Systems Overview of Data Management Data Movement Grid FTP Reliable.
Long Term Ecological Research Network Information System LTER Grid Pilot Study LTER Information Manager’s Meeting Montreal, Canada 4-7 August 2005 Mark.
1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.
GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.
1 School of Computer, National University of Defense Technology A Profile on the Grid Data Engine (GridDaEn) Xiao Nong
ESP workshop, Sept 2003 the Earth System Grid data portal presented by Luca Cinquini (NCAR/SCD/VETS) Acknowledgments: ESG.
Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.
Grid Resource Allocation and Management (GRAM) Execution management Execution management –Deployment, scheduling and monitoring Community Scheduler Framework.
Topaz : A GridFTP extension to Firefox M. Taufer, R. Zamudio, D. Catarino, K. Bhatia, B. Stearn University of Texas at El Paso San Diego Supercomputer.
G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.
National Computational Science National Center for Supercomputing Applications National Computational Science NCSA-IPG Collaboration Projects Overview.
The Grid System Design Liu Xiangrui Beijing Institute of Technology.
CYBERINFRASTRUCTURE FOR THE GEOSCIENCES Data Replication Service Sandeep Chandra GEON Systems Group San Diego Supercomputer Center.
NUG 2004 Grid File Yanker Demo Shreyas Cholia Mass Storage Group, NERSC 06/24/2004.
Communicating Security Assertions over the GridFTP Control Channel Rajkumar Kettimuthu 1,2, Liu Wantao 3,4, Frank Siebenlist 1,2 and Ian Foster 1,2,3 1.
1 Grid Portal for VN-Grid Cu Nguyen Phuong Ha. 2 Outline Some words about portals in principle Overview of OGCE GridPortlets.
NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.
INFSO-RI Enabling Grids for E-sciencE OGSA DAI Data Access and Integration Marek Ciglan Institute of Informatics, Slovac Academy.
Cole David Ronnie Julio. Introduction Globus is A community of users and developers who collaborate on the use and development of open source software,
Shibboleth & Grid Integration STFC and University of Oxford (and University of Manchester)
Development of e-Science Application Portal on GAP WeiLong Ueng Academia Sinica Grid Computing
Enabling Grids for E-sciencE Software installation and setup Viet Tran Institute of Informatics Slovakia.
Data Manipulation with Globus Toolkit Ivan Ivanovski TU München,
1 Grid School Module 4: Grid Security. 2 Typical Grid Scenario Users Resources.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI How to integrate portals with the EGI monitoring system Dusan Vudragovic.
ACGT Architecture and Grid Infrastructure Juliusz Pukacki ‏ EGEE Conference Budapest, 4 October 2007.
A System for Monitoring and Management of Computational Grids Warren Smith Computer Sciences Corporation NASA Ames Research Center.
Grid Services for Digital Archive Tao-Sheng Chen Academia Sinica Computing Centre
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI solution for high throughput data analysis Peter Solagna EGI.eu Operations.
Introduction to GILDA testbed and Genius portal
Grid Security.
Example: Rapid Atmospheric Modeling System, ColoState U
Grid accounting system
Creating and running applications on the NGS
f f FermiGrid – Site AuthoriZation (SAZ) Service
CRC exercises Not happy with the way the document for testbed architecture is progressing More a collection of contributions from the mware groups rather.
Study course: “Computing clusters, grids and clouds” Andrey Y. Shevel
Update on EDG Security (VOMS)
Using SSL – Secure Socket Layer
Knowledge Based Workflow Building Architecture
Grid Security M. Jouvin / C. Loomis (LAL-Orsay)
From Prototype to Production Grid
敦群數位科技有限公司(vanGene Digital Inc.) 游家德(Jade Yu.)
Grid Security Infrastructure
Grid Computing Software Interface
The DZero/PPDG D0/PPDG mission is to enable fully distributed computing for the experiment, by enhancing SAM as the distributed data handling system of.
Presentation transcript:

Viet Tran Institute of Informatics Slovakia Useful grid services Viet Tran Institute of Informatics Slovakia

Grid security infrastructure (GSI) GridFTP MDS4 Content Grid security infrastructure (GSI) Authentication and authorization framework GridFTP File transfer MDS4 Monitoring and discovery Medigrid meeting Bratislava March 10-11

Globus Toolkit 4 Medigrid meeting Bratislava March 10-11

Grid security infrastructure Service provider must be protected from unauthorized access Authentication: who is the user? Authorization: Is he permitted to do it ? Medigrid meeting Bratislava March 10-11

Certificates A digital certificate is a digital document that certifies that a certain public key is owned by a particular user. This document is signed by a third party called the certificate authority (or CA). Medigrid meeting Bratislava March 10-11

Authentication When users want to access a grid service, they send their certificates (more accurately, proxy certificate) to the service The service can check the sign and prove that the users are who they claim to be Grid service Client Medigrid meeting Bratislava March 10-11

Authorization Certificates only prove that who are the users (authentication) Authorization methods Gridmap Authorization service Medigrid meeting Bratislava March 10-11

Gridmap A list of authorized persons Can be configured for each service individually Client Authorized: Peter, Borja, Bill Grid service Medigrid meeting Bratislava March 10-11

Gridmap Advantage: simplicity, easy to use Disadvantage: difficult to manage for large numbers of services/users Medigrid meeting Bratislava March 10-11

Authorization service The service contacts to central authorization service to ask if the user can perform the action Authorization service Grid service Client Medigrid meeting Bratislava March 10-11

Delegation and single sign-on The certificates can be used to delegate some tasks to do in behalf of the users Once users have valid proxy certificates, they can use them to access all services (single sign-on) Medigrid meeting Bratislava March 10-11

Grid security infrastructure Authentication and authorization mechanism are automatically integrated into grid services Simply turn on/off security options Besides certificates, other authentication/authorization methods are also supported (username/password, Kerberos) Medigrid meeting Bratislava March 10-11

Grid security infrastructure (GSI) GridFTP MDS4 Content Grid security infrastructure (GSI) Authentication and authorization framework GridFTP File transfer MDS4 Monitoring and discovery Medigrid meeting Bratislava March 10-11

GridFTP File transfer protocol supported grid authentication and authorization mechanism Use: from command-line or in scripts globus-url-copy fromURL toURL Example: >globbus-url-copy gsiftp://cluster.ui.sav.sk/home/viet/sourcefile file:///tmp/destfile Medigrid meeting Bratislava March 10-11

GridFTP Use: in Java code UrlCopy uc = new UrlCopy(); uc.setSourceUrl(from); uc.setDestinationUrl(to); uc.copy(); Medigrid meeting Bratislava March 10-11

Grid security infrastructure (GSI) GridFTP MDS4 Content Grid security infrastructure (GSI) Authentication and authorization framework GridFTP File transfer MDS4 Monitoring and discovery Medigrid meeting Bratislava March 10-11

Monitoring and discovery Collect recent state information from registered Grid resources Provide browser-based interfaces, command line tools, and Web service interfaces that allow users/machines to query and access the collected information Medigrid meeting Bratislava March 10-11

MDS services MDS-Index, which is the main component for collecting structured data from information sources and making the information available via a Web Services interface MDS-Trigger, which passes this information to an executable (configured by the administrator), which may take an action such as sending email Medigrid meeting Bratislava March 10-11

Collecting information Medigrid meeting Bratislava March 10-11

Publishing information Medigrid meeting Bratislava March 10-11

Searching information MDS provides interface for searching information in Index service (using XPath) Using MDS, Grid services don’t have to use traditional UDDI register Medigrid meeting Bratislava March 10-11

The full picture User interface level Collective level Portal (JSR-168) User interface level Information service (MDS4) Authorization service (CAS) Workflow service (?) Metadata service (?) Collective level Data services (OGSA-DAI) Job services (WSRF) Web service level Grids Clusters PCs Storages File Database Model GIS Physical level Medigrid meeting Bratislava March 10-11

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.