Abstract
Authentication interoperability between the UNICORE grid middleware system and other Grid middleware systems is addressed. An approach to extending the UNICORE authentication model to support a proxy certificate (RFC3280) profile is presented. This optional feature can then be enabled based on site policy. Furthermore, the addition capacitates further advances related to authorization. With interoperability becoming a key issue in many production environments, extending the generality of UNICORE in this way opens up the possibility of direct and general interoperability scenarios.
Chapter PDF
Similar content being viewed by others
References
Housley, R., Polk, W., Ford, W., Solo, D.: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile (2002), http://www.ietf.org/rfc/rfc3820.txt
Open Middleware Infrastructure Institute for Europe. Project no: RI031844–OMII-Europe, http://omii-europe.org
UNICORE: release 5, http://www.unicore.eu
Romberg, M.: The unicore architecture: Seamless access to distributed resources. In: Proceedings of the 8th IEEE International Symposium on High Performance Distributed Computing (HPDC-1999) (1999)
OpenSSL, http://www.openssl.org/
Java Secure Socket Extension (JSSE) Reference Guide for the Java 2 SDK, Standard Edition, v 1.4.2, http://java.sun.com/products/jsse/reference/docs
Castle, B.: Java crypto api, http://www.bouncycastle.org/
The Java Commodity Grid Kit (v1.4). http://www-unix.globus.org/cog/distribution/1.4/api/index.html
Farrell, S., Housley, R.: An internet attribute certificate profile for authorization, http://www.ietf.org/rfc/rfc3281.txt
Riedel, M., Mallmann, D.: Standardization processes of the unicore grid system. In: Proceedings of 1st Austrian Grid Symposium, pp. 191–203. Austrian Computer Society, Schloss Hagenberg, Austria (2005), http://www.fz-juelich.de/zam/vsgc/pub/riedel-2006-SPU.pdf
Anjomshoaa, A., Brisard, F., Drescher, M., Fellows, D., Ly, A., McGough, S., Pulsipher, D., Savva, A.: Job submission description language (jsdl) specification, version 1.0., http://www.ogf.org/documents/GFD.56.pdf
Russel, M., et al.: Transformation of JSDL into UNICORE AJOs. Poznan Supercomputing & Network Center. Personal Communication (March 2007)
Ciaschini, V.: A VOMS Attribute Certificate Profile for Authorization (2007), http://egee-jra-data.web.cern.ch/egee-jra1-data/glite-stable/stage/share/doc/voms/AC-RFC.pdf
Montes, J.A.M., Bernal, F.M., Sanchez, J.M.R.: The OpenPMI project: OpenSSL+AC, http://openpmi.sourceforge.net/
Levitte, R.: Official Support of Attribute Certificate Profiles in OpenSSL. Private communication (May 2007)
Authors, V.: Linux extended attributes and acls, http://acl.bestbits.at/
Snelling, D., van de Berge, S., Li, V.: Explicit trust delegation: Security for dynamic grids. FUJITSU Scientific and Technical Journal 40(2), 282–294 (2004)
Condor, High Throughput Computing Project, http://www.cs.wisc.edu/condor/
Nakada, H., Yamada, M., Itou, Y., Nakano, Y., Matsuoka, S., Frey, J.: Design and Implementation of Condor-UNICORE Bridge
The Condor-G Project, http://www.cs.wisc.edu/condor/condorg/
Basney, J., Humphrey, M., Welch, V.: The MyProxy Online Credential Repository. Software: Practice and Experience 35(9), 801–816 (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Stamou, K., Hedman, F., Iliopoulos, A. (2008). Extending UNICORE 5 Authentication Model by Supporting Proxy Certificate Profile Extensions. In: Bougé, L., et al. Euro-Par 2007 Workshops: Parallel Processing. Euro-Par 2007. Lecture Notes in Computer Science, vol 4854. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78474-6_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-78474-6_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78472-2
Online ISBN: 978-3-540-78474-6
eBook Packages: Computer ScienceComputer Science (R0)