Enabling Grids for E-sciencE. EGEE security pitch. Olle Mulmo. EGEE Chief Security Architect KTH, Sweden. INFSO-RI
|
|
- Sarah Ellis
- 6 years ago
- Views:
Transcription
1 EGEE security pitch Olle Mulmo EGEE Chief Security Architect KTH, Sweden
2 Project PR
3 EGEE EGEE is the largest Grid infrastructure project in the World? : 70 leading institutions in 27 countries, federated in regional Grids Leveraging national and regional grid activities ~32 M Euros EU funding for initially 2 years starting 1st April 2004 EU review, February 2005 successful Preparing 2 nd phase of the project proposal to 3 rd EU Grid call September 2005
4 EGEE Activities 48 % service activities (Grid Operations, Support and Management, Network Resource Provision) 24 % middleware re-engineering (Quality Assurance, Security, Network Services Development) 28 % networking (Management, Dissemination and Outreach, User Training and Education, Application Identification and Support, Policy and International Cooperation) EGEE emphasis is on production grid operations and end-user support
5 glite First major release of glite announced on April 5 Focus on providing users early access to prototype Reusing existing components Addressing current shortcomings Interoperability & Co-existence with deployed infrastructure (Cautious) service oriented approach Follow WSRF standardisation Site autonomy LCG-1 LCG-2 glite-1 glite-2 Globus 2 based Web services based
6 Pilot applications High Energy Physics Biomed applications Deployment of applications Generic applications Deployment under way Computational Chemistry Earth science research EGEODE: first industrial application Astrophysics With interest from Hydrology Seismology Grid search engines Stock market simulators Digital video etc. Industry (provider, user, supplier) Pilot New
7 Computing Resources Feb Enabling Grids for E-sciencE Country providing resources Country anticipating joining EGEE/LCG In EGEE-0 (LCG-2): Ö >100 sites Ö >10,000 CPUs Ö >5 PB storage
8 What I came here for The EGEE view on Security - some philosophy and baseline assumptions
9 Baseline assumptions Be Modular and Agnostic Allow for new functionality to be included as an afterthought Don t settle on particular technologies needlessly Be Standard Interoperate Don t roll our own, to the extent possible Be Distributed and Scalable Avoid central services if possible Always retain local control
10 Baseline assumptions VOs self-govern the resources made available to them Yet try to minimize VO management! Use AuthN to tie policy to individuals/resources An open-ended system No central point of control Can t tell where the Grid ends
11 We can t do anything too fancy Enabling Grids for E-sciencE Requirements on functionality Paradigm Shift (SOA) Authentication Access control Credential mgmt Delegation Privacy Other work already underway (LCG, OGSA, ) Existing capabilities GridPMAs WS-Security MyProxy Shibboleth VOMS Globus
12 Architecture Technologies and more details
13 Authentication IGF: Federation of PMAs Better revocation technologies Managed and Active credential storage i.e., where access policy can be enforced Smart cards, MyProxy, Organizationally rooted trust (KCA, SIPS) User-held password-scrambled files should go away
14 Authorization Flexible framework to support for multiple authorities and mechanisms VOMS, banlist, grid-mapfile, SAML, Frank covered this in detail
15 Authorization model Decentralized Predominantly role-based push model Out-of-the-box support for VOMS Semantic-free role and group attributes Pros Scalability Site autonomity Multi-scenario support, VO self-governance Cons Fine-grained access control (?) VO management still heavyweight VOMS is proprietary
16 VO management VOMS for now modularity keeps it open for others Allow for lightweight VO deployment Proposed solution: VO policy service Brainchild
17 Anonymity Pseudonymity as an selective additional step to the SSO process Obtain Grid creds for Joe Credential Storage Pseudonymity Service Joe Zyx Joe Attribute Authority Issue Joe s privileges to Zyx The The Grid Grid User=Zyx Issuer=Pseudo CA
18 Data privacy Data always encrypted except in RAM Simple solution that ignores all the hard problems (we have to as the system is open-ended)
19 Accounting Several solutions and none of them are deployed at an EGEE level Increasingly important
20 Audit Not solved at a Grid level Scalability and information release issues Good tracking at the individual resource level for now
21 Middleware Security Group Integration and Development Cross-activity group Operations, Applications, Developers, OSG Mailing list, phone conferences, face-to-face meetings
22 Operational Management Joint Security Policy Group OSG, LCG participation EUGridPMA TERENA TF-CSIRT (incident response) NREN CERTs start to show interest
23 More information EGEE Website DJRA3.1: Global Security Architecture (1st rev.) DJRA3.2: Site Access Control (1st rev.)
SLCS and VASH Service Interoperability of Shibboleth and glite
SLCS and VASH Service Interoperability of Shibboleth and glite Christoph Witzig, SWITCH (witzig@switch.ch) www.eu-egee.org NREN Grid Workshop Nov 30th, 2007 - Malaga EGEE and glite are registered trademarks
More informationGrids and Security. Ian Neilson Grid Deployment Group CERN. TF-CSIRT London 27 Jan
Grids and Security Ian Neilson Grid Deployment Group CERN TF-CSIRT London 27 Jan 2004-1 TOC Background Grids Grid Projects Some Technical Aspects The three or four A s Some Operational Aspects Security
More informationglite Java Authorisation Framework (gjaf) and Authorisation Policy coordination
glite Java Authorisation Framework (gjaf) and Authorisation Policy coordination Yuri Demchenko University of Amsterdam MWSG meeting EGEE 06 Conference, September 27, 2006, Geneve www.eu-egee.org EGEE and
More informationGrid Computing Middleware. Definitions & functions Middleware components Globus glite
Seminar Review 1 Topics Grid Computing Middleware Grid Resource Management Grid Computing Security Applications of SOA and Web Services Semantic Grid Grid & E-Science Grid Economics Cloud Computing 2 Grid
More informationEGEE and Interoperation
EGEE and Interoperation Laurence Field CERN-IT-GD ISGC 2008 www.eu-egee.org EGEE and glite are registered trademarks Overview The grid problem definition GLite and EGEE The interoperability problem The
More informationImproving Grid User's Privacy with glite Pseudonymity Service
Improving Grid User's Privacy with glite Pseudonymity Service Henri Mikkonen, Joni Hahkala and John White 5 th EGEE User Forum 12-16 April 2010 Uppsala, Sweden www.eu-egee.org EGEE and glite are registered
More informationTHEBES: THE GRID MIDDLEWARE PROJECT Project Overview, Status Report and Roadmap
THEBES: THE GRID MIDDLEWARE PROJECT Project Overview, Status Report and Roadmap Arnie Miles Georgetown University adm35@georgetown.edu http://thebes.arc.georgetown.edu The Thebes middleware project was
More informationReport for the GGF 15 Community Activity: Leveraging Site Infrastructure for Multi-Site Grids
GFD-I.089 Von Welch, NCSA (Editor) October 6, 2005 Report for the GGF 15 Community Activity: Leveraging Site Infrastructure for Multi-Site Grids Copyright Open Grid Forum (2006-2007). All Rights Reserved.
More informationGrid Services Security Vulnerability and Risk Analysis
Grid Services Security Vulnerability and Risk Analysis Dr Linda Cornwall RAL www.eu-egee.org EGEE and glite are registered trademarks Contents Why we setup the Grid Security Vulnerability Group Starting
More informationGrid Computing Security
Anirban Chakrabarti Grid Computing Security With 87 Figures and 12 Tables Sprin g er Contents Preface Organization Acknowledgments v vi vii 1 Introduction 1 1.1 Background 1 1.2 Grid Computing Overview
More informationGLOBUS TOOLKIT SECURITY
GLOBUS TOOLKIT SECURITY Plamen Alexandrov, ISI Masters Student Softwarepark Hagenberg, January 24, 2009 TABLE OF CONTENTS Introduction (3-5) Grid Security Infrastructure (6-15) Transport & Message-level
More informationOutline. Infrastructure and operations architecture. Operations. Services Monitoring and management tools
EGI-InSPIRE EGI Operations Tiziana Ferrari/EGI.eu EGI Chief Operations Officer 1 Outline Infrastructure and operations architecture Services Monitoring and management tools Operations 2 Installed Capacity
More information30 Nov Dec Advanced School in High Performance and GRID Computing Concepts and Applications, ICTP, Trieste, Italy
Advanced School in High Performance and GRID Computing Concepts and Applications, ICTP, Trieste, Italy Why the Grid? Science is becoming increasingly digital and needs to deal with increasing amounts of
More informationPan-European Grid einfrastructure for LHC Experiments at CERN - SCL's Activities in EGEE
Pan-European Grid einfrastructure for LHC Experiments at CERN - SCL's Activities in EGEE Aleksandar Belić Scientific Computing Laboratory Institute of Physics EGEE Introduction EGEE = Enabling Grids for
More informationEGEE (JRA4) Loukik Kudarimoti DANTE. RIPE 51, Amsterdam, October 12 th, 2005 Enabling Grids for E-sciencE.
RIPE 51, Amsterdam, October 12 th, 2005 Enabling Grids for E-sciencE EGEE (JRA4) www.eu-egee.org Loukik Kudarimoti DANTE www.eu-egee.org EGEE is a project funded by the European Union under contract IST-2003-508833
More informationThe EGEE-III Project Towards Sustainable e-infrastructures
The EGEE-III Project Towards Sustainable e-infrastructures Erwin Laure EGEE-III Technical Director Erwin.Laure@cern.ch www.eu-egee.org EGEE-II INFSO-RI-031688 EGEE and glite are registered trademarks EGEE
More informationAuthorisation Policy coordination and glite Java Authorisation Framework (gjaf)
Authorisation Policy coordination and glite Java Authorisation Framework (gjaf) Yuri Demchenko University of Amsterdam JRA1 All Hands meeting, July 10-12, 2006, Pilsen www.eu-egee.org EGEE and glite are
More informationThe glite middleware. Presented by John White EGEE-II JRA1 Dep. Manager On behalf of JRA1 Enabling Grids for E-sciencE
The glite middleware Presented by John White EGEE-II JRA1 Dep. Manager On behalf of JRA1 John.White@cern.ch www.eu-egee.org EGEE and glite are registered trademarks Outline glite distributions Software
More informationAuthentication for Virtual Organizations: From Passwords to X509, Identity Federation and GridShib BRIITE Meeting Salk Institute, La Jolla CA.
Authentication for Virtual Organizations: From Passwords to X509, Identity Federation and GridShib BRIITE Meeting Salk Institute, La Jolla CA. November 3th, 2005 Von Welch vwelch@ncsa.uiuc.edu Outline
More informationDeploying the TeraGrid PKI
Deploying the TeraGrid PKI Grid Forum Korea Winter Workshop December 1, 2003 Jim Basney Senior Research Scientist National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu
More informationGlobal Reference Architecture: Overview of National Standards. Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants
Global Reference Architecture: Overview of National Standards Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants Goals for this Presentation Define the Global Reference Architecture
More informationRole-Based Access Control for the Open Grid Services Architecture - Data Access and Integration (OGSA-DAI)
Wright State University CORE Scholar Browse all Theses and Dissertations Theses and Dissertations 2007 Role-Based Access Control for the Open Grid Services Architecture - Data Access and Integration (OGSA-DAI)
More informationNew trends in Identity Management
New trends in Identity Management Peter Gietz, DAASI International GmbH peter.gietz@daasi.de Track on Research and Education Networking in South East Europe, Yu Info 2007, Kopaionik, Serbia 14 March 2007
More informationGrid services. Enabling Grids for E-sciencE. Dusan Vudragovic Scientific Computing Laboratory Institute of Physics Belgrade, Serbia
Grid services Dusan Vudragovic dusan@phy.bg.ac.yu Scientific Computing Laboratory Institute of Physics Belgrade, Serbia Sep. 19, 2008 www.eu-egee.org Set of basic Grid services Job submission/management
More informationThe LHC Computing Grid
The LHC Computing Grid Visit of Finnish IT Centre for Science CSC Board Members Finland Tuesday 19 th May 2009 Frédéric Hemmer IT Department Head The LHC and Detectors Outline Computing Challenges Current
More informationAuthorization Strategies for Virtualized Environments in Grid Computing Systems
Authorization Strategies for Virtualized Environments in Grid Computing Systems Xinming Ou Anna Squicciarini Sebastien Goasguen Elisa Bertino Purdue University Abstract The development of adequate security
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Royal Society of Chemistry Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they
More informationThe LHC Computing Grid
The LHC Computing Grid Gergely Debreczeni (CERN IT/Grid Deployment Group) The data factory of LHC 40 million collisions in each second After on-line triggers and selections, only 100 3-4 MB/event requires
More informationg-eclipse A Framework for Accessing Grid Infrastructures Nicholas Loulloudes Trainer, University of Cyprus (loulloudes.n_at_cs.ucy.ac.
g-eclipse A Framework for Accessing Grid Infrastructures Trainer, University of Cyprus (loulloudes.n_at_cs.ucy.ac.cy) EGEE Training the Trainers May 6 th, 2009 Outline Grid Reality The Problem g-eclipse
More informationRUSSIAN DATA INTENSIVE GRID (RDIG): CURRENT STATUS AND PERSPECTIVES TOWARD NATIONAL GRID INITIATIVE
RUSSIAN DATA INTENSIVE GRID (RDIG): CURRENT STATUS AND PERSPECTIVES TOWARD NATIONAL GRID INITIATIVE Viacheslav Ilyin Alexander Kryukov Vladimir Korenkov Yuri Ryabov Aleksey Soldatov (SINP, MSU), (SINP,
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: St. Thomas University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationWP JRA1: Architectures for an integrated and interoperable AAI
Authentication and Authorisation for Research and Collaboration WP JRA1: Architectures for an integrated and interoperable AAI Christos Kanellopoulos Agenda Structure and administrative matters Objectives
More informationEU Policy Management Authority for Grid Authentication in e-science Charter Version 1.1. EU Grid PMA Charter
EU Grid PMA Charter This charter defines the policies, practices, and bylaws of the European Policy Management Authority for Grid Authentication in e-science. 1 Introduction The European Policy Management
More informationGrid Security Policy
CERN-EDMS-428008 Version 5.7a Page 1 of 9 Joint Security Policy Group Grid Security Policy Date: 10 October 2007 Version: 5.7a Identifier: https://edms.cern.ch/document/428008 Status: Released Author:
More informationFederated Authentication with Web Services Clients
Federated Authentication with Web Services Clients in the context of SAML based AAI federations Thomas Lenggenhager thomas.lenggenhager@switch.ch Mannheim, 8. March 2011 Overview SAML n-tier Delegation
More informationInterfacing Operational Grid Security to Site Security. Eileen Berman Fermi National Accelerator Laboratory
Interfacing Operational Grid Security to Site Security Eileen Berman Fermi National Accelerator Laboratory Introduction Computing systems at Fermilab belong to one of two large enclaves The General Computing
More informationIntegrating Federations in the International Grid Trust Fabric
Integrating Federations in the International Grid Trust Fabric David Groep Nikhef Dutch national institute for sub-atomic physics Grids, Eduroam, Federations Different terms, same issues How to provide
More informationGrid Security Incident Handling and Response Guide
Open Science Grid Open Science Grid Grid Security Incident Handling and Response Guide 20 Nov 2004-1- Version 1.0 Issue Date Comment 0.1 30 Aug 2004 Draft release to the Activity Group 0.2 7 Sept 2004
More informationFederated access to Grid resources
Federated access to Grid resources http://tinyurl.com/loubf Keith Hazelton (hazelton@wisc.edu) Internet2 Middleware Architecture Comm. for Ed. APAN, Singapore, 19-July-06 Topics http://tinyurl.com/loubf
More informationGoal. TeraGrid. Challenges. Federated Login to TeraGrid
Goal Federated Login to Jim Basney Terry Fleury Von Welch Enable researchers to use the authentication method of their home organization for access to Researchers don t need to use -specific credentials
More informationGaruda : The National Grid Computing Initiative Of India. Natraj A.C, CDAC Knowledge Park, Bangalore.
Garuda : The National Grid Computing Initiative Of India Natraj A.C, CDAC Knowledge Park, Bangalore. natraj@cdacb.ernet.in 1 Agenda About CDAC Garuda grid highlights Garuda Foundation Phase EU-India grid
More informationGRIDS INTRODUCTION TO GRID INFRASTRUCTURES. Fabrizio Gagliardi
GRIDS INTRODUCTION TO GRID INFRASTRUCTURES Fabrizio Gagliardi Dr. Fabrizio Gagliardi is the leader of the EU DataGrid project and designated director of the proposed EGEE (Enabling Grids for E-science
More informationA Guanxi Shibboleth based Security Infrastructure for e-social Science
A Guanxi Shibboleth based Security Infrastructure for e-social Science Wei Jie 1 Alistair Young 2 Junaid Arshad 3 June Finch 1 Rob Procter 1 Andy Turner 3 1 University of Manchester, UK 2 UHI Millennium
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name Wilfrid Laurier University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name:_Unversity of Regina Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationA Roadmap for Integration of Grid Security with One-Time Passwords
A Roadmap for Integration of Grid Security with One-Time Passwords April 18, 2004 Jim Basney, Von Welch, Frank Siebenlist jbasney@ncsa.uiuc.edu, franks@mcs.anl.gov, vwelch@ncsa.uiuc.edu 1 Introduction
More informationNational R&E Networks: Engines for innovation in research
National R&E Networks: Engines for innovation in research Erik-Jan Bos EGI Technical Forum 2010 Amsterdam, The Netherlands September 15, 2010 Erik-Jan Bos - Chief Technology Officer at Dutch NREN SURFnet
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: British Columbia Institute of Technology Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation
More informationCILogon Project
CILogon Project GlobusWORLD 2010 Jim Basney jbasney@illinois.edu National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by
More informationInterconnect EGEE and CNGRID e-infrastructures
Interconnect EGEE and CNGRID e-infrastructures Giuseppe Andronico Interoperability and Interoperation between Europe, India and Asia Workshop Barcelona - Spain, June 2 2007 FP6 2004 Infrastructures 6-SSA-026634
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Lynda.com Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative
More informationInternet2 Overview, Services and Activities. Fall 2007 Council Briefings October 7, 2007
Internet2 Overview, Services and Activities Fall 2007 Council Briefings October 7, 2007 Agenda Building Community - Marianne Smith International Partnerships Heather Boyles Middleware and Security - Renee
More informationAARC. Christos Kanellopoulos AARC Architecture WP Leader GRNET. Authentication and Authorisation for Research and Collaboration
Authentication and Authorisation for Research and Collaboration AARC Christos Kanellopoulos AARC Architecture WP Leader GRNET Open Day Event: Towards the European Open Science Cloud January 20, 2016 AARC
More informationExtending Services with Federated Identity Management
Extending Services with Federated Identity Management Wes Hubert Information Technology Analyst Overview General Concepts Higher Education Federations eduroam InCommon Federation Infrastructure Trust Agreements
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More informationTravelling securely on the Grid to the origin of the Universe
1 Travelling securely on the Grid to the origin of the Universe F-Secure SPECIES 2007 conference Wolfgang von Rüden 1 Head, IT Department, CERN, Geneva 24 January 2007 2 CERN stands for over 50 years of
More informationMoving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model.
TEG Progress Update Moving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model. Fulup Ar Foll Master Architect Sun Microsystems Fulup@sun.com 1 What is the
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Submit Form Participant Name: Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources being accessed, and that Participants
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources being accessed, and that Participants
More informationInternational Grid Trust Federation
International Grid Trust Federation towards worldwide interoperability in identity management UK Presidency 2005 e-irg Meeting David L. Groep, IGTF and EUGridPMA Chair, 2005-12-13 Outline Grid Security
More informationTechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko Outline TechSec WG liaison with CSIRT community! Results and developments
More informationReport for the GGF 16 BoF for Grid Developers and Deployers Leveraging Shibboleth
GFD-I.079 Von Welch, NCSA Individual submission March 6, 2006 Report for the GGF 16 BoF for Grid Developers and Deployers Leveraging Shibboleth Copyright Open Grid Forum (2006). All Rights Reserved. Abstract
More informationThe University of Oxford campus grid, expansion and integrating new partners. Dr. David Wallom Technical Manager
The University of Oxford campus grid, expansion and integrating new partners Dr. David Wallom Technical Manager Outline Overview of OxGrid Self designed components Users Resources, adding new local or
More informationLeveraging the LincPass in USDA
Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationKerberos for the Web Current State and Leverage Points
Kerberos for the Web Current State and Leverage Points Executive Advisory Board Meeting and Financial Services Security Summit New York, 3-4 November 2008. Towards Kerberizing Web Identity and Services
More informationA VO-friendly, Community-based Authorization Framework
A VO-friendly, Community-based Authorization Framework Part 1: Use Cases, Requirements, and Approach Ray Plante and Bruce Loftis NCSA Version 0.1 (February 11, 2005) Abstract The era of massive surveys
More informationGreek Research and Technology Network. Authentication & Authorization Infrastructure. Faidon Liambotis. grnet
Greek Research and Technology Network Authentication & Authorization Infrastructure Faidon Liambotis faidon@.gr Networking Research and Education February 22 nd, 2011 1 Who am I? Servers & Services Engineer,
More informationIntroduction to Grid Infrastructures
Introduction to Grid Infrastructures Stefano Cozzini 1 and Alessandro Costantini 2 1 CNR-INFM DEMOCRITOS National Simulation Center, Trieste, Italy 2 Department of Chemistry, Università di Perugia, Perugia,
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: CARLETON UNIVERSITY Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationGrid Middleware and Globus Toolkit Architecture
Grid Middleware and Globus Toolkit Architecture Lisa Childers Argonne National Laboratory University of Chicago 2 Overview Grid Middleware The problem: supporting Virtual Organizations equirements Capabilities
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationGrid Security: The Globus Perspective
Grid Security: The Globus Perspective GlobusWORLD 2005 Feb 7-11, Boston, MA Frank Siebenlist - ANL (franks@mcs.anl.gov) Von Welch - NCSA (welch@ncsa.uiuc.edu) http://www.globus.org/ Outline Part One: Von
More informationGÉANT Community Programme
GÉANT Community Programme Building the community Klaas Wierenga Chief Community Support Officer GÉANT Information day, Tirana, 5 th April 1 Membership Association = very large community to serve GÉANT
More informationAn authorization Framework for Grid Security using GT4
www.ijcsi.org 310 An authorization Framework for Grid Security using GT4 Debabrata Singh 1, Bhupendra Gupta 2,B.M.Acharya 3 4, Sarbeswar Hota S O A University, Bhubaneswar Abstract A Grid system is a Virtual
More informationIntroduction to Grid Security
Introduction to Grid Security Mika Silander Helsinki Institute of Physics www.hip.fi T-106.5820 Grid Technologies and Applications TKK, Outline Background Functionality overview Virtual Organisations Certification
More informationDeploying virtualisation in a production grid
Deploying virtualisation in a production grid Stephen Childs Trinity College Dublin & Grid-Ireland TERENA NRENs and Grids workshop 2 nd September 2008 www.eu-egee.org EGEE and glite are registered trademarks
More informationThe glite middleware. Ariel Garcia KIT
The glite middleware Ariel Garcia KIT Overview Background The glite subsystems overview Security Information system Job management Data management Some (my) answers to your questions and random rumblings
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Okanagan College Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationCHAPTER 2 LITERATURE REVIEW AND BACKGROUND
8 CHAPTER 2 LITERATURE REVIEW AND BACKGROUND 2.1 LITERATURE REVIEW Several researches have been carried out in Grid Resource Management and some of the existing research works closely related to this thesis
More informationRamnish Singh IT Advisor Microsoft Corporation Session Code:
Ramnish Singh IT Advisor Microsoft Corporation Session Code: Agenda Microsoft s Identity and Access Strategy Geneva Claims Based Access User access challenges Identity Metasystem and claims solution Introducing
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources being accessed, and that Participants
More informationEnterprise Privacy and Federated Identity Management
Enterprise Privacy and Federated Identity Management Michael Waidner IBM Zurich Research Lab & IBM Privacy Research Institute April 2003 Outline 1. Motivation 2. Enterprise Privacy Management 3. Federated
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationHardware Tokens in META Centre
MWSG meeting, CERN, September 15, 2005 Hardware Tokens in META Centre Daniel Kouřil kouril@ics.muni.cz CESNET Project META Centre One of the basic activities of CESNET (Czech NREN operator); started in
More informatione-infrastructure: objectives and strategy in FP7
"The views expressed in this presentation are those of the author and do not necessarily reflect the views of the European Commission" e-infrastructure: objectives and strategy in FP7 National information
More informationCIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products
CIAM: Need for Identity Governance & Assurance Yash Prakash VP of Products Key Tenets of CIAM Solution Empower consumers, CSRs & administrators Scale to millions of entities, cloud based service Security
More informationThe EPIKH, GILDA and GISELA Projects
The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How) The EPIKH, GILDA and GISELA Projects Antonio Calanducci INFN Catania (Consorzio COMETA) - UniCT Joint GISELA/EPIKH School for
More informationglite Grid Services Overview
The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How) glite Grid Services Overview Antonio Calanducci INFN Catania Joint GISELA/EPIKH School for Grid Site Administrators Valparaiso,
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources being accessed, and that Participants
More informationCanadian Access Federation: Trust Assertion Document (TAD)
1. Canadian Access Federation Participant Information 1.1.1. Organization name: DOUGLAS COLLEGE 1.1.2. Information below is accurate as of this date: November 16, 2017 1.2 Identity Management and/or Privacy
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Conestoga College Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationLionShare: A Hybrid Secure Network for Academic Collaboration. Michael J. Halm, Marek Hatala, Derek Morr and Alex Valentine
LionShare: A Hybrid Secure Network for Academic Collaboration Michael J. Halm, Marek Hatala, Derek Morr and Alex Valentine Presentation Overview Brief LionShare Overview LionShare Security Overview Connecting
More informationEXPERIENCE WITH PKI IN A LARGE-SCALE DISTRIBUTED ENVIRONMENT
EXPERIENCE WITH PKI IN A LARGE-SCALE DISTRIBUTED ENVIRONMENT Daniel Kouřil, Michal Procházka, Luděk Matyska CESNET z. s. p. o., Zikova 4, 160 00 Praha 6, Czech Republic, and Masaryk University, Botanická
More informationMoving e-infrastructure into a new era the FP7 challenge
GARR Conference 18 May 2006 Moving e-infrastructure into a new era the FP7 challenge Mário Campolargo European Commission - DG INFSO Head of Unit Research Infrastructures Example of e-science challenges
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Concordia University of Edmonton Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that
More informationWELCOME. to the 1 st online DG CONNECT NIPS Study workshop. July 25, 2013
WELCOME to the 1 st online DG CONNECT NIPS Study workshop July 25, 2013 2 DG CONNECT NIPS Study online workshop Agenda topics Timing Facilitator Introduction and practicalities of the workshop 5 min Dan
More informationIdentity and capability management and federation
Identity and capability management and federation The need to manage identities - 1 Increment of digital identity complexity Password, dynamic password, one-time password, based on portable secure devices
More information