ABSTRACT
This paper proposes the security infrastructure for user-controlled Virtual Workspace Service (VWSS-UC) that comprises of three layers: trusted computing platform, secure virtualised workspace, and user aplication. The suggestions on the technology selection are provided for the first two layers: industry adopted Trusted Computing (TCG) platform, and Virtual Workspace Service (VWSS) developed in the framework of the Globus Toolkit. Solutions and implementation are proposed and discussed for the application authorisation session security context management. The paper is based on experiences gained from major Grid based projects such as EGEE, Globus Toolkit, and Phosphorus.
- Virtual Workspaces. {Online}. Available: http://workspace.globus.org/index.htmlGoogle Scholar
- Trusted Computing Group (TCG). {Online}. Available: https://www.trustedcomputinggroup.org/homeGoogle Scholar
- Generic Authorization Authentication and Accounting. {Online}. Available: http://www.science.uva.nl/research/ air/projects/aaa/Google Scholar
- Demchenko Y., L. Gommans, C. de Laat. Extending User-Controlled Security Domain with TPM/TCG in Grid-based Virtual Collaborative Environment. Accepted paper. The 2007 International Symposium on Collaborative Technologies and Systems (CTS 2007) (Orlando, FL, USA, May 21--25, 2007).Google ScholarCross Ref
- GT 4.0: Security: Authorization Framework. {Online}. Available: http://www.globus.org/toolkit/docs/4.0/security/authzframe/Google Scholar
- Developer's guide for the gLite Java Authorisation Framework - https://edms.cern.ch/document/501718Google Scholar
- Demchenko Y., L. Gommans, C. de Laat. Using SAML and XACML for Complex Resource Provisioning in Grid based Applications. Accepted paper. IEEE Workshop on Policies for Distributed Systems and Networks (POLICY 2007) (Bologna, Italy, 13--15 June 2007). Google ScholarDigital Library
Index Terms
- Security and dynamics in customer controlled virtual workspace organisation
Recommendations
Dynamic security context management in Grid-based applications
This paper summarises ongoing research and recent results on the development of flexible access control infrastructure for complex resource provisioning in Grid-based collaborative applications and on-demand network services provisioning. The paper ...
Re-thinking Grid Security Architecture
ESCIENCE '08: Proceedings of the 2008 Fourth IEEE International Conference on eScienceThe security models used in Grid systems today strongly bear the marks of their diverse origin. Historically retrofitted to the distributed systems they are designed to protect and control, the security model is usually limited in scope and ...
The MOSFET Virtual Organisation: Grid Computing for Simulation in Nanoelectronics
E-SCIENCE '09: Proceedings of the 2009 Fifth IEEE International Conference on e-ScienceThe next substitution of the XDEnabling Grids for E-sciencE project (EGEE) in 2010 by the European Grid Initiative (EGI), where grid infrastructure of each country will be run by National Grid Initiatives (NGI), is giving a boost to the NGI development. ...
Comments