Flexible and extendable mechanism enabling secure access to e-infrastructures and storage of confidential data for the gridspace2 virtual laboratory

Authors:
Jan Meizner;Eryk Ciepiela;Piotr Nowakowski;Joanna Kocot;Maciej Malawski;Marian Bubak
Affiliations:
ACC Cyfronet AGH, AGH University of Science and Technology, Kraków, Poland;ACC Cyfronet AGH, AGH University of Science and Technology, Kraków, Poland;ACC Cyfronet AGH, AGH University of Science and Technology, Kraków, Poland;ACC Cyfronet AGH, AGH University of Science and Technology, Kraków, Poland;Faculty of Electrical Engineering, Automatics, Computer Science and Electronics, Department of Computer Science, AGH University of Science and Technology, Kraków, Poland;Faculty of Electrical Engineering, Automatics, Computer Science and Electronics, Department of Computer Science, AGH University of Science and Technology, Kraków, Poland
Venue:
Building a National Distributed e-Infrastructure - PL-Grid
Year:
2012

Citing 7
Cited 1

The MyProxy online credential repository: Research Articles

Software—Practice & Experience - Grid Security
ShibGrid: Shibboleth Access for the UK National Grid Service

E-SCIENCE '06 Proceedings of the Second IEEE International Conference on e-Science and Grid Computing
Complex System Simulations with QosCosGrid

ICCS '09 Proceedings of the 9th International Conference on Computational Science: Part I
ViroLab Security and Virtual Organization Infrastructure

APPT '09 Proceedings of the 8th International Symposium on Advanced Parallel Processing Technologies
Towards professional service operations in grids

Building a National Distributed e-Infrastructure - PL-Grid
New capabilities in qoscosgrid middleware for advanced job management, advance reservation and co-allocation of computing resources --- quantum chemistry application use case

Building a National Distributed e-Infrastructure - PL-Grid
Managing entire lifecycles of e-science applications in the gridspace2 virtual laboratory --- from motivation through idea to operable web-accessible environment built on top of PL-Grid e-infrastructure

Building a National Distributed e-Infrastructure - PL-Grid

User-Oriented provisioning of secure virtualized infrastructure

Building a National Distributed e-Infrastructure - PL-Grid

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes the security framework used by the GridSpace2 platform. The framework needs to restrict access to the Experiment Workbench to authorized users only as well as enable scientists to use multiple resources --- computers (such as clusters, grids and clouds) and data, like e.g. relational database management systems (RDBMSes). The paper analyzes the appropriate technologies, details the proposed solution and summarizes the results of our research and development of flexible and extensible security solutions for scientists who need transparent access to heterogeneous compute and data resources. Additionally, as part of this paper, a wallet mechanism is described which enables secure storage of arbitrary confidential data such as credentials for external services.