Security in grid computing: A review and synthesis
Decision Support Systems
Supporting Security-Oriented, Collaborative nanoCMOS Electronics Research
ICCS '08 Proceedings of the 8th international conference on Computational Science, Part I
Shibboleth-based Access to and Usage of Grid Resources
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Development and Support of Platforms for Research into Rare Diseases
CCGRID '10 Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing
EGSI: TGKA Based Security Architecture for Group Communication in Grid
CCGRID '10 Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing
A standards-based interoperable single sign-on framework in ARC Grid middleware
Journal of Network and Computer Applications
Hi-index | 0.00 |
Simplifying access to and usage of large scale compute resources via the Grid is of critical importance to encourage the uptake of e-Research. Security is one aspect that needs to be made as simple as possible for end users. The ESP-Grid and DyVOSE projects at the National e-Science Centre (NeSC) at the University of Glasgow are investigating security technologies which will make the enduser experience of using the Grid easier and more secure. In this paper we outline how simplified (from the user experience) authentication and authorization of users are achieved through single usernames and passwords at users' home institutions. This infrastructure, which will be applied in the second year of the Grid Computing module part of the advanced MSc in Computing Science at the University of Glasgow, combines Grid portal technology, the Internet2 Shibboleth Federated Access Control infrastructure, and the PERMIS Role-Based Access Control technology. Through this infrastructure inter-institutional teaching can be supported where secure access to federated resources is made possible between sites. A key aspect of the work we describe here is the ability to support dynamic delegation of authority whereby local/remote administrators are able to dynamically assign meaningful privileges to remote/local users respectively in a trusted manner thus allowing for the dynamic establishment of virtual organizations with fine grained security at their heart.