The grid: blueprint for a new computing infrastructure
The grid: blueprint for a new computing infrastructure
Application Experiences with the Globus Toolkit
HPDC '98 Proceedings of the 7th IEEE International Symposium on High Performance Distributed Computing
Constructing the ASCI Computational Grid
HPDC '00 Proceedings of the 9th IEEE International Symposium on High Performance Distributed Computing
Information Security Tech. Report
Security in grid computing: A review and synthesis
Decision Support Systems
EGSI: TGKA Based Security Architecture for Group Communication in Grid
CCGRID '10 Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing
Hi-index | 0.00 |
Porting a complex secure application from one security infrastructure to another is often difficult or impractical. Grid security associated with the Globus toolkit is supported by a Grid Security Infrastructure (GSI) based on a Public Key Infrastructure where users authenticate to the grid using X509 certificates. Kerberos security is based on a trusted third party, secret key infrastructure where users authenticate using encrypted tickets. However, both GSI and Kerberos provide a Generic Security Services Application Program Interface (GSSAPI) for source code portability. We describe the porting of our Globus system from GSI security to Kerberos V5 security, and the Kerberos modifications necessary to achieve that portability. Our case study provides details and insights that will be of value to developers and designers interested in GSSAPI portability. We conclude, based on our results, that designers of network security software should strive to accommodate the GSSAPI.