Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sep 25, 20071/5 Grid Services Activities on Security Gabriele Garzoglio Grid Services Activities on Security Gabriele Garzoglio Computing Division, Fermilab.

Published byJacob Bruce Modified over 8 years ago

Similar presentations

Presentation on theme: "Sep 25, 20071/5 Grid Services Activities on Security Gabriele Garzoglio Grid Services Activities on Security Gabriele Garzoglio Computing Division, Fermilab."— Presentation transcript:

1 Sep 25, 20071/5 Grid Services Activities on Security Gabriele Garzoglio Grid Services Activities on Security Gabriele Garzoglio Computing Division, Fermilab Grid Coordination Meeting Sep 25, 2007 Overview Grid Services Tactical Plan VO Services Activities ReSS and Other Activities

2 Sep 25, 20072/5 Grid Services Activities on Security Gabriele Garzoglio Grid Services Tactical Plan 1.Develop features and improve robustness of the VO Services infrastructure […]. 2.Extend deployment of and support the VO Services infrastructure […] 3.Integrate standard authorization call-out libraries, […] in order to enable interoperability […]. 4.Integrate support for emerging standards and increasingly complex use cases in the VO Service infrastructure. […] 5.Provide maintenance and support for the ReSS WMS […]. Understand operational needs for the infrastructure. Support and Improvement of the “base” infrastructure Authorization Interoperability Next Generation Storage AuthZ Models Privilege Policy Management Other Activities Tactical PlanThis Talk

3 Sep 25, 20073/5 Grid Services Activities on Security Gabriele Garzoglio VO Services VO user membership management and fine-grained authorization to Grid resources Vision / Driving Forces for Phase III ( Status report at http://cd-docdb.fnal.gov/cgi-bin/ShowDocument?docid=2144 ) http://cd-docdb.fnal.gov/cgi-bin/ShowDocument?docid=2144 –keeping the pace with new security paradigms –providing excellent support for the current infrastructure –reducing overall maintenance Stakeholders –USCMS, OSG, FNAL VOs (Astronomy, Run II, …), FermiGrid, Storage at FNAL –Representatives contacted: Burt Holzman, Ian Fisk, Mine Altunay, John Weigand, Doug Benjamin, Jim Annis, Timur Perelmutov Base Infrastructure –PRIMA, GUMS, VOMRS – VO Services proj. –gLexec – VO Services proj. See Igor’s talk –gPlazma – Interfacing with dCache proj. Effort –FNAL 1.1 FTE (0.6 CD + 0.5 CMS); Total 1.6 FTE (FNAL + 0.5 BNL)

4 Sep 25, 20074/5 Grid Services Activities on Security Gabriele Garzoglio VO Services Activities 1 Support and Improvement of the “base” infrastructure (High Priority) –Ongoing. FNAL Effort @ 0.6 FTE –Foci: (1) Robustness and Usability; (2) VOMRS vital features –Stakeholders: FermiGrid, BNL, USCMS, OSG VO’s, OSG Facility ? Authorization Interoperability (Medium Priority) –Enables Middleware developed in the US (e.g. SRM) to use EU Authorization infrastructure and vice versa. Collaboration with EGEE and Globus –Stakeholders: USCMS, Software Providers (Globus, OSG group, dCache, Condor ?, …) –Milestones: Date (activity) (FTE) Aug 07 (alpha; met) (0.1) – Dec 07 (beta) (0.2) – Feb 08 (beta Integration) (0.5) – Apr 08 (v1) (0.2) – Jun 08 (v1 Int.) (0.5)

5 Sep 25, 20075/5 Grid Services Activities on Security Gabriele Garzoglio VO Services Activities 2 Support Storage Groups in Defining Next Generation Storage AuthZ Models (Medium Priority) –Interaction with storage projects at FNAL (SRM/dCache, OSG Ext. and VDT) –Stakeholders: OSG, USCMS –VO Service Proj. @ 0.1 FTE (Consulting Role) upon request Privilege Policy Management (Medium Priority) –Allows VO’s to express privileges directly; Sites to implement and verify privileges. Evaluation and prototypical work. Collaboration with TechX, funded via SBIR Phase I –Stakeholders: OSG –FNAL Effort @ ~ 0.1 FTE from VO Service Proj. (Customer / Stakeholder role) –Plan in progress. Duration 9 months. –Deliverables: Policy schema/language (3 mo. @ 0.2? FNAL) Policy tools (6 mo. @ 0.1? FNAL)

6 Sep 25, 20076/5 Grid Services Activities on Security Gabriele Garzoglio Other Activities Requests from VO Service Proj. Stakeholders. May lack available effort. (Low Priority) –Attribute Certificate Validation at Resource Gateway Depends on acceptance and deployment of new VOMS –Broaden / Standard AuthZ call-out Interfaces Needed for Accounting. May lower overall maintenance. –Site Validation Service (Authentication Service) –Integrating Shibboleth Attribute Authority –End-to-end security / Epensys (see Igor) Authenticate Client Access to ReSS central services (Low Priority) –Once a user community is formed (during OSG 0.8.0), restrict access to providers and requesters of information

Download ppt "Sep 25, 20071/5 Grid Services Activities on Security Gabriele Garzoglio Grid Services Activities on Security Gabriele Garzoglio Computing Division, Fermilab."

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.

Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.
Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.
CMS Applications Towards Requirements for Data Processing and Analysis on the Open Science Grid Greg Graham FNAL CD/CMS for OSG Deployment 16-Dec-2004.

CMS Applications Towards Requirements for Data Processing and Analysis on the Open Science Grid Greg Graham FNAL CD/CMS for OSG Deployment 16-Dec-2004.
Implementing Finer Grained Authorization in the Open Science Grid Gabriele Carcassi, Ian Fisk, Gabriele, Garzoglio, Markus Lorch, Timur Perelmutov, Abhishek.

Implementing Finer Grained Authorization in the Open Science Grid Gabriele Carcassi, Ian Fisk, Gabriele, Garzoglio, Markus Lorch, Timur Perelmutov, Abhishek.
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 01/29/2014.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 01/29/2014.
Open Science Grid Software Stack, Virtual Data Toolkit and Interoperability Activities D. Olson, LBNL for the OSG www.opensciencegrid.org International.

Open Science Grid Software Stack, Virtual Data Toolkit and Interoperability Activities D. Olson, LBNL for the OSG International.
Status of the Adoption of a SAML-XACML Profile for Authorization Interoperability across Grid Middleware 1/17 Status of the Adoption of a SAML-XACML Profile.

Status of the Adoption of a SAML-XACML Profile for Authorization Interoperability across Grid Middleware 1/17 Status of the Adoption of a SAML-XACML Profile.
OSG Services at Tier2 Centers Rob Gardner University of Chicago WLCG Tier2 Workshop CERN June 12-14, 2006.

OSG Services at Tier2 Centers Rob Gardner University of Chicago WLCG Tier2 Workshop CERN June 12-14, 2006.
OSG Middleware Roadmap Rob Gardner University of Chicago OSG / EGEE Operations Workshop CERN June 19-20, 2006.

OSG Middleware Roadmap Rob Gardner University of Chicago OSG / EGEE Operations Workshop CERN June 19-20, 2006.
VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.

VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.
May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.

Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.
Mine Altunay OSG Security Officer Open Science Grid: Security Gateway Security Summit January 28-30, 2008 San Diego Supercomputer Center.

Mine Altunay OSG Security Officer Open Science Grid: Security Gateway Security Summit January 28-30, 2008 San Diego Supercomputer Center.
SAMGrid as a Stakeholder of FermiGrid Valeria Bartsch Computing Division Fermilab.

SAMGrid as a Stakeholder of FermiGrid Valeria Bartsch Computing Division Fermilab.
Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.

Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.
Mar 28, 20071/9 VO Services Project Gabriele Garzoglio The VO Services Project Don Petravick for Gabriele Garzoglio Computing Division, Fermilab ISGC 2007.

Mar 28, 20071/9 VO Services Project Gabriele Garzoglio The VO Services Project Don Petravick for Gabriele Garzoglio Computing Division, Fermilab ISGC 2007.
OSG Security Review Mine Altunay December 4, 2008.

OSG Security Review Mine Altunay December 4, 2008.

Similar presentations

Ads by Google