Speaker
Don Petravick
(FNAL)
Description
Computing in High Energy Physics and other sciences is quickly moving toward the Grid
paradigm, with resources being distributed over hundreds of independent pools
scattered over the five continents. The transition from a tightly controlled,
centralized computing paradigm to a shared, widely distributed model, while bringing
many benefits, has also introduced new problems, a major one being the handling of
trust between participating parties.
The trust problem has been recognized since the beginning of the Grid movement, and a
lot of thought has been put into developing the infrastructure for handling trust
between resource providers and users. In particular, recognizing the size of the problem,
the trust handling has been split into two pieces;
a) between final users and Virtual Organizations (VOs), and
b) between VOs and resource providers.
However, the above mentioned split has only been tackling the scalability issue, and
very little thought has gone into understanding the trust relationship problems that
a VO itself introduces. In particular, most VOs run dozens of services, many of them
handling user binaries and user credentials.
Such services are obviously critical both for the final users as well as for the
security health of the whole Grid; a compromised service could easily generate a
major security incident. In spite of this, there is very little, if any, formal
process in place to maintain the necessary level of trust.
This presentation will give an introduction to the problem of VO trust as well as an
overview of the possible solutions.
Author
Irwin Gaines
(FNAL)
Co-authors
Don Petravick
(FNAL)
Igor Sfiligoi
(FNAL)
