JClarens: A Java Based Interactive Physics Analysis Environment for Data Intensive Applications
ICWS '04 Proceedings of the IEEE International Conference on Web Services
GridSphere: An Advanced Portal Framework
EUROMICRO '04 Proceedings of the 30th EUROMICRO Conference
A medical diagnostic and treatment advice system for the provision of home care
Proceedings of the 1st international conference on PErvasive Technologies Related to Assistive Environments
Vulnerabilities leading to denial of services attacks in grid computing systems: a survey
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Proceedings of the 2011 TeraGrid Conference: Extreme Digital Discovery
GiPS: a grid portal for executing java applications on globus-based grids
ISPA'07 Proceedings of the 5th international conference on Parallel and Distributed Processing and Applications
Hi-index | 0.00 |
Grid portals are an increasingly popular mechanism for creating customizable, Web-based interfaces to Grid services and resources. Due to the powerful, general-purpose nature of Grid technology, the security of any portal or entry point to such resources cannot be taken lightly. This is particularly true if the portal is running inside of a trusted perimeter, such as a Science Gateway running on an SDSC machine for access to the TeraGrid. To evaluate the current state of Grid portal security, we undertake a comparative analysis of the three most popular Grid portal frameworks that are being pursued as frontends to the TeraGrid: GridSphere, OGCE and Clarens. We explore general challenges that Grid portals face in the areas of authentication (including user identification), authorization, auditing (logging) and session management then contrast how the different Grid portal implementations address these challenges. We find that although most Grid portals address these security concerns to a certain extent, there is still room for improvement, particularly in the areas of secure default configurations and comprehensive logging and auditing support. We conclude with specific recommendations for designing, implementing and configuring secure Grid portals.