Euro-Par 2007 Workshops: Parallel Processing

Volume 4854 of the series Lecture Notes in Computer Science pp 112-120

Using SAML-Based VOMS for Authorization within Web Services-Based UNICORE Grids

  • Valerio VenturiAffiliated withNational Institute of Nuclear Physics (INFN)
  • , Morris RiedelAffiliated withForschungszentrum Juelich (FZJ)
  • , Shiraz MemonAffiliated withForschungszentrum Juelich (FZJ)
  • , Shahbaz MemonAffiliated withForschungszentrum Juelich (FZJ)
  • , Federico StagniAffiliated withNational Institute of Nuclear Physics (INFN)
  • , Bernd SchullerAffiliated withForschungszentrum Juelich (FZJ)
  • , Daniel MallmannAffiliated withForschungszentrum Juelich (FZJ)
  • , Bastian TweddellAffiliated withForschungszentrum Juelich (FZJ)
  • , Alberto GianoliAffiliated withNational Institute of Nuclear Physics (INFN)
    • , Sven van den BergheAffiliated withFujitsu Laboratories of Europe (FLE)
    • , David SnellingAffiliated withFujitsu Laboratories of Europe (FLE)
    • , Achim StreitAffiliated withForschungszentrum Juelich (FZJ)

* Final gross prices may vary according to local VAT.

Get Access


In recent years, the Virtual Organization Membership Service (VOMS) emerged within Grid infrastructures providing dynamic, fine-grained, access control needed to enable resource sharing across Virtual Organization (VOs). VOMS allows to manage authorization information in a VO scope to enforce agreements established between VOs and resource owners. VOMS is used for authorization in the EGEE and OSG infrastructures and is a core component of the respective middleware stacks gLite and VDT. While a module for supporting VOMS is also available as part of the authorization service of the Globus Toolkit, there is currently no support for VO-level authorization within the new Web services-based UNICORE 6. This paper describes the evolution of VOMS towards an open standard compliant service based on the Security Assertion Markup Language (SAML), which in turn provides mechanisms to fill the VO-level authorization service gap within Web service-based UNICORE Grids. In addition, the SAML-based VOMS allows for cross middleware VO management through open standards.