Abstract
Grid middleware provides a way to integrate computational and storage resouces for supporting large-scale applications that span across multiple domains. Implicitly, Grid middlware eliminates the interoperability obstacle between different resources. However, with the emerging of a bunch of Grid middlewares, to provide interoperability between Grid middlewares themselves is an important challenge in production Grid infrasturtures. Web Service technologies (specifically, Simple Object Access Protocol) have been adopted in most of the Grid middlewares as the XML messaging protocol for the interoperability in the application layer. For other layers, standard protocols are also adopted for interoperability, e.g., HTTP is utilized as service transport protocol. On the other hand, security is a key issue that needs to be taken into account on each layer, for instance, WS-Security (Web Service Security) is considered as an augment on SOAP protocol for applying security to Web Services; GSI (Globus Security Infrastructure) is considered as an protocol for applying security to transport layer. We present the design consideration and implementation about how to provide flexible support for security protocols in the Advanced Resource Connector(ARC) Grid middleware, and this way clients or/and services developed in ARC middleware can easily interoperate with service/client developed in other middlewares, such as gLite and Globus Toolkit. Also, a flexible authorization framework is presented that can secure the Grid services with configurable authorization modules, as well as a variety of authorization policies.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Berman, F., Fox, G., Hey, T.: Grid Computing: Making the Global Infrastructure a Reality. John Wiley & Sons, Chichester (2003)
Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Proceedings of ACM Conference on Computers and Security, pp. 83–91. ACM, New York (1998)
Foster, I., Kesselman, C.: Globus: A Metacomputing Infrastructure Toolkit. Intl. J. Supercomputer Applications 11(2), 115–128 (1997)
gLite: Lightweight Middleware for Grid Computing, http://glite.web.cern.ch/glite/
Linn, J.: Generic Security Service Application Program Interface, Version 2. IN- TERNET RFC 2078 (1997)
GSS-API Extensions, http://www.ggf.org/documents/GFD.24.pdf
Marks, E., Bell, M.: Service Oriented Architecture: A Planning and Implementation Guide for Business and Technology. John Wiley & Sons, Chichester (2006)
Design document of new version ARC, https://www.knowarc.eu/documents/Knowarc_D1.1-1_07.pdf
Apache Axis web site, http://ws.apache.org/axis
van Engelen, R., Gallivan, K.: The gSOAP Toolkit for Web Services and Peer-To- Peer Computing Networks. In: Proceedings of the 2nd IEEE International Sympo- sium on Cluster Computing and the Grid (CCGrid 2002), Berlin, Germany, May 21-24, pp. 128–135. IEEE, Los Alamitos (2002)
KnowARC project web site, https://www.knowarc.eu/
Web Services Enhancements 2.0 Service Pack 2, http://msdn.microsoft.com/en-us/library/
OpenSSL: The Open Source toolkit for SSL/TLS, http://www.openssl.org/
Alfieri, R., Cecchini, R., Ciaschini, V., dell Agnello, L., Frohner, R., Lrentey, K., Spataro, F.: From gridmap-file to VOMS: managing authorization in a Grid environment. Future Generation Comp. Syst. 21(4), 549–558 (2005)
Shoshani, A., et al.: Storage Resource Managers: Recent International Experience on Requirements and Multiple Co-Operating Implementations. In: 24th IEEE Conference on Mass Storage Systems and Technologies (MSST 2007), San Diego, California, USA, September 2007. IEEE Computer Society, Los Alamitos (2007)
XACML specifications, http://www.oasis-open.org/specs/#xacmlv2.0
gLite authorization framework, https://twiki.cern.ch/twiki/bin/view/EGEE/AuthorizationFramework
SOAP Profile of XACML-SAML, http://www.switch.ch/grid/support/documents/xacmlsaml.pdf
Globus C WS Core web site, http://dev.globus.org/wiki/C_WS_Core
Cafaro, M., Lezzi, D., Fiore, S., Aloisio, G., van Engelen, R.: The GSI plug-in for gSOAP: building cross-grid interoperable secure grid services. In: Wyrzykowski, R., Dongarra, J., Karczewski, K., Wasniewski, J. (eds.) PPAM 2007. LNCS, vol. 4967, pp. 894–901. Springer, Heidelberg (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Qiang, W., Konstantinov, A., Ellert, M., Jin, H. (2010). Securing Interoperable Grid Services in ARC Grid Middleware. In: Bellavista, P., Chang, RS., Chao, HC., Lin, SF., Sloot, P.M.A. (eds) Advances in Grid and Pervasive Computing. GPC 2010. Lecture Notes in Computer Science, vol 6104. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13067-0_34
Download citation
DOI: https://doi.org/10.1007/978-3-642-13067-0_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13066-3
Online ISBN: 978-3-642-13067-0
eBook Packages: Computer ScienceComputer Science (R0)