GridWorld/GGF15
October 3-6, 2005
Boston, MA, USA
Community Activity: Leveraging
Site Infrastructure for Multi-Site Grids
Monday, 03-October 11:00a – 7:30p
Von Welch, NCSA
Virtual organizations (VOs) need a variety of information
services to provide their structure. For example, it is typical
for a Grid to have a certificate authority to provide identity information,
an attribute authority to provide information regarding the roles
of their users and a resource directory that provides an enumeration
of the resources available to the VO. When a VO spans a number of
underlying organizations (as opposed to a Grid deployed at a single
campus), the best practice today is for the VO to establish its
own services to enable its day-to-day functioning. Deploying and
operating these services in a secure, reliable manner is non-trivial,
especially for small to medium virtual organizations, particularly
when one considers that these services have a number of security
implications in terms of being consulted as part of authorization
decisions by end resources.
However, there have been some steps in the Grid community
to allow for these services to be provided by leveraging and federating
the services already provided by the sites on which the VO is based.
For example, Fermilab provides a Kerberos CA allowing other sites
in a VO to base their Grid authentication on the Kerberos authentication
infrastructure already deployed at Fermilab. And campus infrastructures
are increasingly deploying outward-facing infrastructure such as
Shibboleth, which has several initial efforts focusing on interoperability
with existing Grid technologies (Condor and the Globus Toolkit).
In this workshop we will explore how VOs spanning
multiple sites can benefit from increased leveraging of the infrastructure
of those sites. We will consider both traditional high-performance
computing sites as well as other types of institutions such as academic
campuses. We will also explore some of the challenges involved in
this model, for example:
• There are no ubiquitous standards for site
authentication, attribute, directory, etc. infrastructure. This
implies that we need translation mechanisms to achieve interoperability.
What translation mechanisms exist today and how well do they work?
• While some information that sites can provide,
such as identifiers for authentication, is generic and can be easily
consumed by a VO, the VO may need to define other structure, such
as roles for its users, which is not something sites possess today.
How can a VO define this information, while still using the site
infrastructures to propagate it?
• Many sites have privacy concerns regarding
information about their users. How can sites share information with
VOs while addressing these concerns?
The workshop plans to produce an informational document
capturing the following:
• List of current success stories for leveraging site infrastructure
to form multi-site VOs;
• Enumeration of existing tools, APIs, standards and technologies
for leveraging site infrastructure;
• Current barriers to leveraging of multiple site infrastructures
by VOs.
Agenda:
11:00-11:45 Ken Klingenstein "Overview of Campus IT"
11:45-12:30 Arnie Miles "Exposing Computational Resources Across Administrative Domains: Condor Shibboleth Integration"
12:30-2:00 Lunch
2:00-2:30 Jim Basney "Integrating MyProxy with Site Authentication"
2:30-3:00 Marty Humphrey "MyProxy integration with Pubcookie"
3:00-3:30 Von Welch "GridShib: Campus/Grid RBAC Integration"
3:30-4:00 Coffee Break/GridShib Demo
4:00-4:30 David Chadwick "X.509 Privilege Management Infrastructures for Dynamic Delegation of Authority between Sites"
4:30-5:00 Rana/Wuerthwein "Multi-Site VOs and Multi-VO Sites in Open Science Grid"
5:00-5:30 Tom Barton "Signet and Grouper for Distributed Attribute Administration"
5:30-6:00 Break (Signet/Grouper Demo)
6:00-6:30 Dane Skow "Use of Kerberos-Issued Certificates at FermiLab"
6:30-7:30 Panel Discussion (all presenters; Von Welch moderator)
7:30 Adjourn
Confirmed Speakers:
• Ken Klingenstein (Internet2) – Campus IT
• Von Welch (NCSA) – Shibboleth and Globus
• Jim Basney (NCSA) – MyProxy Integration with local
Authentication
• Tom Barton (U. Chicago) – Signet and Grouper for Distributed
Attribute Management
• Arnie Miles (Georgetown U.) – Shibboleth and Condor
Workshop organizers:
Tom Barton, Jim Basney, Steven Carmody, Ken Klingenstein, Frank Siebenlist,
Von Welch.