Flexible and Extendable Mechanism Enabling Secure Access to e-Infrastructures and Storage of Confidential Data for the GridSpace2 Virtual Laboratory

  • Jan Meizner
  • Eryk Ciepiela
  • Piotr Nowakowski
  • Joanna Kocot
  • Maciej Malawski
  • Marian Bubak
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7136)


This paper describes the security framework used by the GridSpace2 platform. The framework needs to restrict access to the Experiment Workbench to authorized users only as well as enable scientists to use multiple resources – computers (such as clusters, grids and clouds) and data, like e.g. relational database management systems (RDBMSes). The paper analyzes the appropriate technologies, details the proposed solution and summarizes the results of our research and development of flexible and extensible security solutions for scientists who need transparent access to heterogeneous compute and data resources. Additionally, as part of this paper, a wallet mechanism is described which enables secure storage of arbitrary confidential data such as credentials for external services.


security clusters grids virtual laboratory wallet clouds 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ciepiela, E., Harężlak, D., Kocot, J., Bartyński, T., Kasztelnik, M., Nowakowski, P., Gubała, T., Malawski, M., Bubak, M.: Exploratory programming in the virtual laboratory. In: Proceedings of the International Multiconference on Computer Science and Information Technology, Wisla, Poland, pp. 621–628 (2010)Google Scholar
  2. 2.
    GridSpace technology homepage,
  3. 3.
    The PL-Grid Project,
  4. 4.
    Meizner, J., Malawski, M., Ciepiela, E., Kasztelnik, M., Harężlak, D., Nowakowski, P., Król, D., Gubała, T., Funika, W., Bubak, M., Mikołajczyk, T., Płaszczak, P., Wilk, K., Assel, M.: ViroLab Security and Virtual Organization Infrastructure. In: Dou, Y., Gruber, R., Joller, J.M. (eds.) APPT 2009. LNCS, vol. 5737, pp. 230–245. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    OpenPBS (original homepage not maintained),
  6. 6.
  7. 7.
  8. 8.
  9. 9.
  10. 10.
    European Grid Infrastructure,
  11. 11.
    Basney, J., Humphrey, M., Welch, V.: The MyProxy online credential repository. Softw., Pract. Exper. 35(9), 801–816 (2005)CrossRefGoogle Scholar
  12. 12.
    Meizner, J., Malawski, M., Bubak, M.: Flexible and Secure Access to Computing Clusters. Computer Science, Annual of University of Science and Technology 11, 21–36 (2010)Google Scholar
  13. 13.
    Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B., Goode, M., Keahey, K.: Identity federation and attribute-based authorization through the globus toolkit, shibboleth, gridshib, and MyProxy. In: 5th Annual PKI R&D Workshop (April 2006)Google Scholar
  14. 14.
    Spence, D., Geddes, N., Jensen, J., Richards, A., Viljoen, M., Martin, A., Dovey, M., Norman, M., Tang, K., Trefethen, A., Wallom, D., Allan, R., Meredith, D.: ShibGrid: Shibboleth access for the UK national grid service, p. 75 (December 2006),
  15. 15.
    Distributed European Infrastructure for Supercomputing Applications,
  16. 16.
    Uniform Interface to Computing Resources,
  17. 17.
    Multiscale Applications on European e-Infrastructures,
  18. 18.
    CILogon – GridShib,
  19. 19.
    CILogon – GridShib-CA,
  20. 20.
    GO Teragrid Portal,
  21. 21.
  22. 22.
  23. 23.
    Christian Grothoff, GNU libmicrohttpd,
  24. 24.
    Free Software Foundation, GnuPG – Libraries (libgcrypt),
  25. 25.
    Kurowski, K., de Back, W., Dubitzky, W., Gulyás, L., Kampis, G., Mamonski, M., Szemes, G., Swain, M.: Complex System Simulations with QosCosGrid. In: Allen, G., Nabrzyski, J., Seidel, E., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2009, Part I. LNCS, vol. 5544, pp. 387–396. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  26. 26.
    University of Chicago, Overview of the Grid Security Infrastructure,
  27. 27.
  28. 28.
    Ciepiela, E., Nowakowski, P., Kocot, J., Harężlak, D., Gubała, T., Meizner, J., Kasztelnik, M., Bartyński, T., Malawski, M., Bubak, M.: Managing Entire Lifecycles of e-Science Applications in the GridSpace2 Virtual Laboratory – From Motivation through Idea to Operable Web-Accessible Environment Built on Top of PL-Grid e-Infrastructure. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 228–239. Springer, Heidelberg (2012)Google Scholar
  29. 29.
    Radecki, M., Szepieniec, T., Szymocha, T., Szopa, M., Krakowian, M.: Towards Professional Service Operations in Grids. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 27–39. Springer, Heidelberg (2012)Google Scholar
  30. 30.
    Bosak, B., Komasa, J., Kopta, P., Kurowski, K., Mamoński, M., Piontek, T.: New Capabilities in QosCosGrid Middleware for Advanced Job Management, Advance Reservation and Co-allocation of Computing Resources – Quantum Chemistry Application Use Case. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 40–55. Springer, Heidelberg (2012)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Jan Meizner
    • 1
  • Eryk Ciepiela
    • 1
  • Piotr Nowakowski
    • 1
  • Joanna Kocot
    • 1
  • Maciej Malawski
    • 2
  • Marian Bubak
    • 2
    • 3
  1. 1.ACC Cyfronet AGHAGH University of Science and TechnologyKrakówPoland
  2. 2.Faculty of Electrical Engineering, Automatics, Computer Science and Electronics, Department of Computer ScienceAGH University of Science and TechnologyKrakówPoland
  3. 3.Informatics InstituteUniversity of AmsterdamThe Netherlands

Personalised recommendations