Feb 13 – 17, 2006
Tata Institute of Fundamental Research
Europe/Zurich timezone

DIRAC Security Infrastructure

Feb 15, 2006, 4:40 PM
20m
Auditorium (Tata Institute of Fundamental Research)

Auditorium

Tata Institute of Fundamental Research

Homi Bhabha Road Mumbai 400005 India
oral presentation Grid middleware and e-Infrastructure operation Grid Middleware and e-Infrastructure Operation

Speaker

Mr Adrian Casajus Ramo (Departamento d' Estructura i Constituents de la Materia)

Description

DIRAC is the LHCb Workload and Data Management System and is based on a service-oriented architecture. It enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC code base is 99% python with all remote requests handled using the XML-RPC protocol. DIRAC is used for the submission of production and analysis jobs by the LHCb collaboration. The current experience has shown peaks over five thousand concurrent jobs. Originally there was no security layer within DIRAC itself. In order to better conform with the requirements of distributed analysis a DIRAC security infrastructure has been designed for generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Server and client authentication relies on OpenSSL and pyOpenSSL, but to be able to handle grid-proxies it was necessary to introduce some modifications to those libraries. The DIRAC security infrastructure handles all authorization internally hence the programmer only has to define the authorization level required for accessing each method exposed by the server.

Primary authors

Mr Adrian Casajus Ramo (Departamento d' Estructura i Constituents de la Materia) Dr Ricardo Graciani Díaz (Departamento d' Estructura i Constituents de la Materia)

Presentation materials