Monday, June 2
5:30 pm - 6:15 pm
Firewall Virtualization for Grid Applications BOF
(45 mins)
Inder Monga and Ralph Niederberger
Grid Computing expounds the vision of applications having on-demand, ubiquitous access to distributed services running on diverse, managed resources such as computation, storage, instruments and networks, among others. As grids move towards forming dynamic, seamless Virtual Organizations (VOs) using distributed resources across networks that are owned by multiple administrators, firewall policies tend to interfere with their formation.
The dynamic nature of Grid VO formation, policy-driven grid resource management and scheduling of grid resources all indicate a strong need for an application-driven dynamic port opener. This function should work whether the connection request generator is inside or outside the trusted firewall domain. This behavior should not require the client to know about the intermediary firewall resources. The "firewall virtualization service" should be accessible at all layers: from users, middleware and protocols. Applications like GridFTP can then let the local firewall know which ports need to be opened or closed without the firewall needing to build application-specific logic.
The BOF proposal is to standardize the following interfaces:
1. Grid Application to "Firewall Service interface" Web Services Interface
2. Request authorization at control plane and data plane levels
Agenda: Charter discussion. Charter will be published on the security area and infrastructure area mailing list.
Location: Montjuic
Slides: OGF23-FVGA+Just.ppt
Slides: Proposed Architecture for basis of standards
Document (Word): Proposed Charter