Abstract
Grids are becoming economically viable and productive tools. They provide a way of utilizing a vast array of linked resources such as computing systems, databases and services online within Virtual Organizations (VO). However, today’s Grid architectures are not capable of supporting dynamic, agile federation across multiple administrative domains and the main barrier, which hinders dynamic federation over short time scales is security. Federating security and trust is one of the most significant architectural issues in Grids. Existing relevant standards and specifications can be used to federate security services, but do not directly address the dynamic extension of business trust relationships into the digital domain. In this paper we describe an experiment which highlights those challenging architectural issues and forms the basis of an approach that combines a dynamic trust federation and a dynamic authorization mechanism for addressing dynamic security trust federation in Grids. The experiment made with the prototype described in this paper is used in the NextGRID project to define the requirements of next generation Grid architectures adapted to business application needs.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
The Open Grid Services Architecture. V1.0 (July 2004) (February 2005), http://www.gridforum.org
EC IST Project 511563: The Next Generation Grid (September 2004), http://www.nextgrid.org
The NextGRID Architecture Straw Man (September 2004), http://www.nextgrid.org
Brashear, D.J., Hornstein, K., Ihren, J., et al.: Heimdal Kerberos (February 5, 2005), http://www.pdc.kth.se/heimdal/heimdal.html
Kaler, C., et al.: Web Services Security X.509 Certificate Token Profile (March 1, 2004) (February 2005), http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0.pdf
EC Project IST-2001-33240 Grid Resources for Industrial Applications (April 2005), http://www.gria.org/forthecurrentGRIAmiddlewareversion
Surridge, M., Taylor, S.J., Marvin, D.J.: Grid Resources for Industrial Applications. In: Proceedings of 2004 IEEE International Conference on Web Services, San Diego, USA, pp. 402–409 (2004)
Surridge, M., Taylor, S.J., De Roure, D., Zaluska, E.J.: Experiences with GRIA - Industrial applications on a web services Grid. In: Proceedings of 1st IEEE Conference on e-Science and Grid Computing, Melbourne, Australia (December 2005)
RFC3820 (April 2005), http://www.ietf.org/rfc/rfc3820.txt
Kaler, C.: Web Services Security (WS-Security) v1.0 (April 2002) (April 2005), http://www-106.ibm.com/developerworks/webservices/library/ws-secure/
Anderson, S., Bohren, J., et al.: Web Services Trust Language (WS-Trust) v1.1 (May 2004) (April 2005), http://www-106.ibm.com/developerworks/webservices/library/ws-trust
Kaler, C., Nadalin, A.: Web Services Federation Language (WS-Federation) (July 2003) (April 2005), http://www-106.ibm.com/developerworks/webservices/library/ws-fed/
Cohen, F.: Debunking SAML myths and misunderstandings, IBM developerWorks (July 08, 2003) (April 2005), http://www-106.ibm.com/developerworks/xml/library/x-samlmyth.html
The IETF has published generic AAA specifications as RFC2903 (architecture) and RFC2904 (framework) (April 2005), http://www.ietf.org/rfc/rfc2903.txt http://www.ietf.org/rfc/rfc2904.txt
IETF draft, PKIX (April 2005), http://www.ietf.org/internet-drafts/draft-ietf-pkix-certstore-http-08.txt
GEMSS project (April 2005), http://www.gemss.de
Comb-e-Chem project (April 2005), http://www.comb-e-chem.org
De Roure D., et al.: The semantic Grid: a future e-Science infrastructure (2002) (April 2005), http://www.semanticgrid.org/documents/semgrid-journal/semgrid-journal.pdf
The Global Grid Forum (April 2005), http://www.gridforum.org
Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations (April 2005), http://www.globus.org/research/papers/anatomy.pdf
Brooke, J., Garwood, K., Goble, C.: Interoperability of Grid Resource Descriptions: A Semantic Approach (April 2005), http://www.semanticgrid.org/GGF/ggf9/john/
TERENA Task Force on Authentication, Authorisation Coordination for Europe (February 2005), http://www.terena.nl/tech/task-forces/tf-aace/
Welch, V.: Globus Toolkit Firewall Requirements (April 2005), http://www.globus.org/security/v2.0/firewalls.html
Cantor, S., Carmody, S., Erdos, M., et al.: Shibboleth v 1.2.1 (February 2005), http://shibboleth.internet2.edu/shibboleth-documents.html
Moses, T.: eXtensible Access Control Markup Language (XACML) Version 2.0 draft 04 (December 2004) (April 2005), http://www.oasis-open.org/committees/xacml
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ahsant, M., Surridge, M., Leonard, T., Krishna, A., Mulmo, O. (2006). Dynamic Trust Federation in Grids. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds) Trust Management. iTrust 2006. Lecture Notes in Computer Science, vol 3986. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11755593_2
Download citation
DOI: https://doi.org/10.1007/11755593_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34295-3
Online ISBN: 978-3-540-34297-7
eBook Packages: Computer ScienceComputer Science (R0)