Sep 2 – 9, 2007
Victoria, Canada
Europe/Zurich timezone
Please book accomodation as soon as possible.

The GridSite security architecture

Sep 6, 2007, 2:40 PM
20m
Carson Hall C (Victoria, Canada)

Carson Hall C

Victoria, Canada

oral presentation Grid middleware and tools Grid middleware and tools

Speaker

Dr Andrew McNab (University of Manchester)

Description

Components of the GridSite system are used within WLCG and gLite to process security credentials and access policies. We describe recent extensions to this system to include the Shibboleth authentication framework of Internet2, and how the GridSite architecture can now import a wide variety of credential types, including onetime passcodes, X.509, GSI, VOMS, Shibboleth and OpenID and then apply a single access policy to determine the subset of rights to be granted to particular request or session, controlled by policies written in the GACL or XACML langauges. Finally, we provide examples of using GridSite and Apache to host web services for High Energy Physics grids written in C/C++/Scripts, as well as Java, and show how this one architecture has been used for purely interactive websites such as www.gridpp.ac.uk, for sites that are a mixture of human-generated and automated monitoring such as the LCG GOC Database, and for web services for grids such as the gLite WMProxy service.
Submitted on behalf of Collaboration (ex, BaBar, ATLAS) GridPP

Primary author

Dr Andrew McNab (University of Manchester)

Presentation materials