Mar 21 – 27, 2009
Europe/Prague timezone

DIRAC Secure Distributed Platform

Mar 23, 2009, 8:00 AM


Prague Congress Centre 5. května 65, 140 00 Prague 4, Czech Republic
Board: Monday 010
poster Software Components, Tools and Databases Poster session


Mr Adrian Casajus Ramo (Departament d' Estructura i Constituents de la Materia)


DIRAC, the LHCb community Grid solution, provides access to a vast amount of computing and storage resources to a large number of users. In DIRAC users are organized in groups with different needs and permissions. In order to ensure that only allowed users can access the resources and to enforce that there are no abuses, security is mandatory. All DIRAC services and clients use secure connections that are authenticated using certificates and grid proxies. Once a client has been authenticated, authorization rules are applied to the requested action based on the presented credentials. These authorization rules and the list of users and groups are centrally managed in the DIRAC Configuration Service. Users submit jobs to DIRAC using their local credentials. From then on, DIRAC has to interact with different Grid services on behalf of this user. DIRAC has a proxy management service where users upload short-lived proxies to be used when DIRAC needs to act on behalf of them. Long duration proxies are uploaded by users to MyProxy service, and DIRAC retrieves new short delegated proxies when necessary. This contribution discusses the details of the implementation of this security infrastructure in DIRAC.
Presentation type (oral | poster) oral

Primary authors

Mr Adrian Casajus Ramo (Departament d' Estructura i Constituents de la Materia) Dr Ricardo Graciani (Departament d' Estructura i Constituents de la Materia)

Presentation materials