Abstract
This paper describes the security framework used by the GridSpace2 platform. The framework needs to restrict access to the Experiment Workbench to authorized users only as well as enable scientists to use multiple resources – computers (such as clusters, grids and clouds) and data, like e.g. relational database management systems (RDBMSes). The paper analyzes the appropriate technologies, details the proposed solution and summarizes the results of our research and development of flexible and extensible security solutions for scientists who need transparent access to heterogeneous compute and data resources. Additionally, as part of this paper, a wallet mechanism is described which enables secure storage of arbitrary confidential data such as credentials for external services.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ciepiela, E., Harężlak, D., Kocot, J., Bartyński, T., Kasztelnik, M., Nowakowski, P., Gubała, T., Malawski, M., Bubak, M.: Exploratory programming in the virtual laboratory. In: Proceedings of the International Multiconference on Computer Science and Information Technology, Wisla, Poland, pp. 621–628 (2010)
GridSpace technology homepage, http://dice.cyfronet.pl/gridspace
The PL-Grid Project, http://www.plgrid.pl/en
Meizner, J., Malawski, M., Ciepiela, E., Kasztelnik, M., Harężlak, D., Nowakowski, P., Król, D., Gubała, T., Funika, W., Bubak, M., Mikołajczyk, T., Płaszczak, P., Wilk, K., Assel, M.: ViroLab Security and Virtual Organization Infrastructure. In: Dou, Y., Gruber, R., Joller, J.M. (eds.) APPT 2009. LNCS, vol. 5737, pp. 230–245. Springer, Heidelberg (2009)
OpenPBS (original homepage not maintained), http://www.mcs.anl.gov/research/projects/openpbs/
TORQUE Resource Manager, http://www.clusterresources.com/pages/products/torque-resource-manager.php
PBSPro, http://www.pbsworks.com/
Oracle Grid Engine, http://www.oracle.com/us/products/tools/oracle-grid-engine-075549.html
Univa Grid Engine, http://www.univa.com/products/grid-engine.php
European Grid Infrastructure, http://www.egi.eu/
Basney, J., Humphrey, M., Welch, V.: The MyProxy online credential repository. Softw., Pract. Exper. 35(9), 801–816 (2005)
Meizner, J., Malawski, M., Bubak, M.: Flexible and Secure Access to Computing Clusters. Computer Science, Annual of University of Science and Technology 11, 21–36 (2010)
Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B., Goode, M., Keahey, K.: Identity federation and attribute-based authorization through the globus toolkit, shibboleth, gridshib, and MyProxy. In: 5th Annual PKI R&D Workshop (April 2006)
Spence, D., Geddes, N., Jensen, J., Richards, A., Viljoen, M., Martin, A., Dovey, M., Norman, M., Tang, K., Trefethen, A., Wallom, D., Allan, R., Meredith, D.: ShibGrid: Shibboleth access for the UK national grid service, p. 75 (December 2006), http://dx.doi.org/10.1109/E-SCIENCE.2006.261159
Distributed European Infrastructure for Supercomputing Applications, http://www.deisa.eu/
Uniform Interface to Computing Resources, http://www.unicore.eu/
Multiscale Applications on European e-Infrastructures, http://www.mapper-project.eu/
CILogon – GridShib, http://www.cilogon.org/gridshib/
CILogon – GridShib-CA, http://gridshibca.cilogon.org/
GO Teragrid Portal, https://go.teragrid.org/
GSI-Enabled OpenSSH, http://grid.ncsa.illinois.edu/ssh/
Ganymed SSH-2 for Java, http://www.cleondris.ch/opensource/ssh2/
Christian Grothoff, GNU libmicrohttpd, http://www.gnu.org/software/libmicrohttpd/
Free Software Foundation, GnuPG – Libraries (libgcrypt), http://www.gnupg.org/related_software/libraries.html
Kurowski, K., de Back, W., Dubitzky, W., Gulyás, L., Kampis, G., Mamonski, M., Szemes, G., Swain, M.: Complex System Simulations with QosCosGrid. In: Allen, G., Nabrzyski, J., Seidel, E., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2009, Part I. LNCS, vol. 5544, pp. 387–396. Springer, Heidelberg (2009)
University of Chicago, Overview of the Grid Security Infrastructure, http://www.globus.org/security/overview.html
Amazon, Amazon S3 APIs, http://docs.amazonwebservices.com/AmazonS3/latest/API/
Ciepiela, E., Nowakowski, P., Kocot, J., Harężlak, D., Gubała, T., Meizner, J., Kasztelnik, M., Bartyński, T., Malawski, M., Bubak, M.: Managing Entire Lifecycles of e-Science Applications in the GridSpace2 Virtual Laboratory – From Motivation through Idea to Operable Web-Accessible Environment Built on Top of PL-Grid e-Infrastructure. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 228–239. Springer, Heidelberg (2012)
Radecki, M., Szepieniec, T., Szymocha, T., Szopa, M., Krakowian, M.: Towards Professional Service Operations in Grids. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 27–39. Springer, Heidelberg (2012)
Bosak, B., Komasa, J., Kopta, P., Kurowski, K., Mamoński, M., Piontek, T.: New Capabilities in QosCosGrid Middleware for Advanced Job Management, Advance Reservation and Co-allocation of Computing Resources – Quantum Chemistry Application Use Case. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 40–55. Springer, Heidelberg (2012)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Meizner, J., Ciepiela, E., Nowakowski, P., Kocot, J., Malawski, M., Bubak, M. (2012). Flexible and Extendable Mechanism Enabling Secure Access to e-Infrastructures and Storage of Confidential Data for the GridSpace2 Virtual Laboratory. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds) Building a National Distributed e-Infrastructure–PL-Grid. Lecture Notes in Computer Science, vol 7136. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28267-6_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-28267-6_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28266-9
Online ISBN: 978-3-642-28267-6
eBook Packages: Computer ScienceComputer Science (R0)