Grid Security Infrastructure
- Grid Security Infrastructure
The Grid Security Infrastructure (GSI), formerly called the Globus Security Infrastructure, is a specification for secret, tamper-proof, delegatable communication between software in a grid computing environment. Secure, authenticatable communication is enabled using asymmetric encryption.
Authentication
Authentication is performed using digital signature technology (see digital signatures for an explanation of how this works); secure authentication allows resources to lock data to only those who should have access to it.
Delegation
Authentication introduces a problem: often a service will have to retrieve data from a resource independent of the user; in order to do this, it must be supplied with the appropriate privileges. GSI allows for the creation of delegated privileges: a new key is created, marked as a delegated and signed by the user; it is then possible for a service to act on behalf of the user to fetch data from the resource.
Security Mechanisms
Communications may be secured using a combination of methods:
* Transport Layer Security (TLS) can be used to protect the communication channel from eavesdropping or man-in-the-middle attacks.
* Message-Level Security can be used (although currently it is much slower than TLS).
References
* [ftp://ftp.globus.org/pub/globus/papers/security.pdf A Security Infrastructure for Computational Grids] by Ian Foster et al.
* [http://www.globus.org/alliance/publications/papers/butler.pdf A National-Scale Authentication Infrastructure] by Randy Butler et al.
External links
* [http://www.globus.org/security/overview.html Overview of the Grid Security Infrastructure]
Wikimedia Foundation.
2010.
Look at other dictionaries:
Grid computing — is a term referring to the combination of computer resources from multiple administrative domains to reach a common goal. The grid can be thought of as a distributed system with non interactive workloads that involve a large number of files. What … Wikipedia
Open Grid Services Infrastructure — The Open Grid Services Infrastructure (OGSI) was published by the Global Grid Forum (GGF) as a proposed recommendation in June 2003.[1] It was intended to provide an infrastructure layer for the Open Grid Services Architecture (OGSA). OGSI takes… … Wikipedia
Grid-oriented storage — (GOS) is a dedicated data storage architecture which can be connected directly to a computational grid to support advanced data bank services and reservoirs for data that can be shared among multiple computers and end users on the grid.… … Wikipedia
Grid-Computing — ist eine Form des verteilten Rechnens, bei der ein virtueller Supercomputer aus einem Cluster lose gekoppelter Computer erzeugt wird. Es wurde entwickelt, um rechenintensive wissenschaftliche – insbesondere mathematische – Probleme zu lösen.… … Deutsch Wikipedia
Grid Computing — Dieser Artikel oder Abschnitt bedarf einer Überarbeitung. Näheres ist auf der Diskussionsseite angegeben. Hilf mit, ihn zu verbessern, und entferne anschließend diese Markierung. Grid Computing ist eine Form des verteilten Rechnens, bei der ein… … Deutsch Wikipedia
Grid computing — Dieser Artikel oder Abschnitt bedarf einer Überarbeitung. Näheres ist auf der Diskussionsseite angegeben. Hilf mit, ihn zu verbessern, und entferne anschließend diese Markierung. Grid Computing ist eine Form des verteilten Rechnens, bei der ein… … Deutsch Wikipedia
Grid MP — Developer(s) Univa (formerly known as United Devices, Inc) Stable release 5.6 / July 2008 Operating system Linux, Windows, Mac OS X, AIX, Solaris, HP UX … Wikipedia
Grid plan — A simple grid plan road map (Windermere, Florida). Surveyor s plan of Salt Lake City, ci … Wikipedia
Infrastructure — Public infrastructure Assets and facilities Airports · Bridges · Broadband … Wikipedia
D-Grid — The D Grid Initiative (German Grid Initiative) builds a sustainable grid infrastructure for education and research (e Science) in Germany. The D Grid infrastructure will help to establish methods of e Science in three core areas: Grid Computing… … Wikipedia
