Skip to main content
SpringerLink
Log in

Flexible and Extendable Mechanism Enabling Secure Access to e-Infrastructures and Storage of Confidential Data for the GridSpace2 Virtual Laboratory

  • Chapter
Building a National Distributed e-Infrastructure–PL-Grid

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 7136))

  • 581 Accesses

Abstract

This paper describes the security framework used by the GridSpace2 platform. The framework needs to restrict access to the Experiment Workbench to authorized users only as well as enable scientists to use multiple resources – computers (such as clusters, grids and clouds) and data, like e.g. relational database management systems (RDBMSes). The paper analyzes the appropriate technologies, details the proposed solution and summarizes the results of our research and development of flexible and extensible security solutions for scientists who need transparent access to heterogeneous compute and data resources. Additionally, as part of this paper, a wallet mechanism is described which enables secure storage of arbitrary confidential data such as credentials for external services.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 16.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ciepiela, E., Harężlak, D., Kocot, J., Bartyński, T., Kasztelnik, M., Nowakowski, P., Gubała, T., Malawski, M., Bubak, M.: Exploratory programming in the virtual laboratory. In: Proceedings of the International Multiconference on Computer Science and Information Technology, Wisla, Poland, pp. 621–628 (2010)

    Google Scholar 

  2. GridSpace technology homepage, http://dice.cyfronet.pl/gridspace

  3. The PL-Grid Project, http://www.plgrid.pl/en

  4. Meizner, J., Malawski, M., Ciepiela, E., Kasztelnik, M., Harężlak, D., Nowakowski, P., Król, D., Gubała, T., Funika, W., Bubak, M., Mikołajczyk, T., Płaszczak, P., Wilk, K., Assel, M.: ViroLab Security and Virtual Organization Infrastructure. In: Dou, Y., Gruber, R., Joller, J.M. (eds.) APPT 2009. LNCS, vol. 5737, pp. 230–245. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  5. OpenPBS (original homepage not maintained), http://www.mcs.anl.gov/research/projects/openpbs/

  6. TORQUE Resource Manager, http://www.clusterresources.com/pages/products/torque-resource-manager.php

  7. PBSPro, http://www.pbsworks.com/

  8. Oracle Grid Engine, http://www.oracle.com/us/products/tools/oracle-grid-engine-075549.html

  9. Univa Grid Engine, http://www.univa.com/products/grid-engine.php

  10. European Grid Infrastructure, http://www.egi.eu/

  11. Basney, J., Humphrey, M., Welch, V.: The MyProxy online credential repository. Softw., Pract. Exper. 35(9), 801–816 (2005)

    Article  Google Scholar 

  12. Meizner, J., Malawski, M., Bubak, M.: Flexible and Secure Access to Computing Clusters. Computer Science, Annual of University of Science and Technology 11, 21–36 (2010)

    Google Scholar 

  13. Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B., Goode, M., Keahey, K.: Identity federation and attribute-based authorization through the globus toolkit, shibboleth, gridshib, and MyProxy. In: 5th Annual PKI R&D Workshop (April 2006)

    Google Scholar 

  14. Spence, D., Geddes, N., Jensen, J., Richards, A., Viljoen, M., Martin, A., Dovey, M., Norman, M., Tang, K., Trefethen, A., Wallom, D., Allan, R., Meredith, D.: ShibGrid: Shibboleth access for the UK national grid service, p. 75 (December 2006), http://dx.doi.org/10.1109/E-SCIENCE.2006.261159

  15. Distributed European Infrastructure for Supercomputing Applications, http://www.deisa.eu/

  16. Uniform Interface to Computing Resources, http://www.unicore.eu/

  17. Multiscale Applications on European e-Infrastructures, http://www.mapper-project.eu/

  18. CILogon – GridShib, http://www.cilogon.org/gridshib/

  19. CILogon – GridShib-CA, http://gridshibca.cilogon.org/

  20. GO Teragrid Portal, https://go.teragrid.org/

  21. GSI-Enabled OpenSSH, http://grid.ncsa.illinois.edu/ssh/

  22. Ganymed SSH-2 for Java, http://www.cleondris.ch/opensource/ssh2/

  23. Christian Grothoff, GNU libmicrohttpd, http://www.gnu.org/software/libmicrohttpd/

  24. Free Software Foundation, GnuPG – Libraries (libgcrypt), http://www.gnupg.org/related_software/libraries.html

  25. Kurowski, K., de Back, W., Dubitzky, W., Gulyás, L., Kampis, G., Mamonski, M., Szemes, G., Swain, M.: Complex System Simulations with QosCosGrid. In: Allen, G., Nabrzyski, J., Seidel, E., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2009, Part I. LNCS, vol. 5544, pp. 387–396. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  26. University of Chicago, Overview of the Grid Security Infrastructure, http://www.globus.org/security/overview.html

  27. Amazon, Amazon S3 APIs, http://docs.amazonwebservices.com/AmazonS3/latest/API/

  28. Ciepiela, E., Nowakowski, P., Kocot, J., Harężlak, D., Gubała, T., Meizner, J., Kasztelnik, M., Bartyński, T., Malawski, M., Bubak, M.: Managing Entire Lifecycles of e-Science Applications in the GridSpace2 Virtual Laboratory – From Motivation through Idea to Operable Web-Accessible Environment Built on Top of PL-Grid e-Infrastructure. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 228–239. Springer, Heidelberg (2012)

    Google Scholar 

  29. Radecki, M., Szepieniec, T., Szymocha, T., Szopa, M., Krakowian, M.: Towards Professional Service Operations in Grids. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 27–39. Springer, Heidelberg (2012)

    Google Scholar 

  30. Bosak, B., Komasa, J., Kopta, P., Kurowski, K., Mamoński, M., Piontek, T.: New Capabilities in QosCosGrid Middleware for Advanced Job Management, Advance Reservation and Co-allocation of Computing Resources – Quantum Chemistry Application Use Case. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 40–55. Springer, Heidelberg (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ACC Cyfronet AGH, AGH University of Science and Technology, Kraków, Poland

    Jan Meizner, Eryk Ciepiela, Piotr Nowakowski & Joanna Kocot

  2. Faculty of Electrical Engineering, Automatics, Computer Science and Electronics, Department of Computer Science, AGH University of Science and Technology, Kraków, Poland

    Maciej Malawski & Marian Bubak

  3. Informatics Institute, University of Amsterdam, The Netherlands

    Marian Bubak

Authors
  1. Jan Meizner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eryk Ciepiela
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Piotr Nowakowski
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Joanna Kocot
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Maciej Malawski
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Marian Bubak
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Marian Bubak Tomasz Szepieniec Kazimierz Wiatr

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Meizner, J., Ciepiela, E., Nowakowski, P., Kocot, J., Malawski, M., Bubak, M. (2012). Flexible and Extendable Mechanism Enabling Secure Access to e-Infrastructures and Storage of Confidential Data for the GridSpace2 Virtual Laboratory. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds) Building a National Distributed e-Infrastructure–PL-Grid. Lecture Notes in Computer Science, vol 7136. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28267-6_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-28267-6_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28266-9

  • Online ISBN: 978-3-642-28267-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation