27 September 2004 to 1 October 2004
Interlaken, Switzerland
Europe/Zurich timezone

On the Management of Certification Authority in Large Scale GRID Infrastructure

29 Sept 2004, 10:00
1h
Coffee (Interlaken, Switzerland)

Coffee

Interlaken, Switzerland

Board: 70
poster Track 4 - Distributed Computing Services Poster Session 2

Speaker

E. Berdnikov (INSTITUTE FOR HIGH ENERGY PHYSICS, PROTVINO, RUSSIA)

Description

The scope of this work is the study of scalability limits of the Certification Authority (CA), running for large scale GRID environments. The operation of Certification Authority is analyzed from the view of the rate of incoming requests, complexity of authentication procedures, LCG security restrictions and other limiting factors. It is shown, that standard CA operational model has some native "bottlenecks", which can be resolved with proper management and technical tools. The central point is the discussion of "decentralized" scheme with single CA and multiple authentication agents, called Registration Authorities (RA). Single CA retains a role for technical center, responsible for support of GRID security infrastructure, while general role of RAs is verification of requests from end-users. Practical implementation of this scheme (including the development and installation of end-user software) have been done in CERN in 2002 (http://service-grid-ca.web.cern.ch/service-grid-ca/help/RA.html). Second implementation of the same ideas was the GRID project of the Russia Ministry of Atomic Energy, 2003 (http://grid.ihep.su/MAG/). These two implementations are compared in aspects of security and functionality.

Primary author

E. Berdnikov (INSTITUTE FOR HIGH ENERGY PHYSICS, PROTVINO, RUSSIA)

Presentation materials

There are no materials yet.