Don Petravick (FNAL)
Computing in High Energy Physics and other sciences is quickly moving toward the Grid paradigm, with resources being distributed over hundreds of independent pools scattered over the five continents. The transition from a tightly controlled, centralized computing paradigm to a shared, widely distributed model, while bringing many benefits, has also introduced new problems, a major one being the handling of trust between participating parties. The trust problem has been recognized since the beginning of the Grid movement, and a lot of thought has been put into developing the infrastructure for handling trust between resource providers and users. In particular, recognizing the size of the problem, the trust handling has been split into two pieces; a) between final users and Virtual Organizations (VOs), and b) between VOs and resource providers. However, the above mentioned split has only been tackling the scalability issue, and very little thought has gone into understanding the trust relationship problems that a VO itself introduces. In particular, most VOs run dozens of services, many of them handling user binaries and user credentials. Such services are obviously critical both for the final users as well as for the security health of the whole Grid; a compromised service could easily generate a major security incident. In spite of this, there is very little, if any, formal process in place to maintain the necessary level of trust. This presentation will give an introduction to the problem of VO trust as well as an overview of the possible solutions.
Irwin Gaines (FNAL)