CROWN: A Service Grid Middleware for e-Science - Grid Computing: Infrastructure, Service, and Applications

Information Technology Reference

In-Depth Information

1.2.4.4

Security Architecture Supporting Domain Interoperability

CROWN uses a federate construction to form the virtual organization.

We use the term “region” to denote the area with a homogeneous security

infrastructure such as PKI or Kerberos, and the term “domain” to denote

the area of autonomous organization. When grid services are deployed

in different domains, each domain may have its own security concerns

about the services. CROWN provides a i ne-grained and extensible

architecture that maximizes the separation of service administrators

and service developers. Besides this, CROWN enables the same imple-

mented service to be deployed into the PKI and Kerberos domains

without having to modify the source code of the service. Furthermore,

CROWN-ST also supports users from domains with heterogeneous

security infrastructures to access the resources from other domains.

1.3

Resource Management in CROWN

1.3.1

Overview

CROWN employs a three-layered structure of resource organization and

management [5], as illustrated in Figure 1.4 , based on the characteristics

of e-Science applications and the resource subordination relationship. The

three layers are the node server, RLDS (Resource Locating and Descrip-

tion Service), and S-Club and RCT (Resource Category Tree).

In CROWN, before a computer can become a node server (NS), it must

have the CROWN middleware installed. The service container is the core

component in the CROWN middleware and provides a runtime environ-

ment for various services. Each NS usually belongs to a security domain.

Every domain has at least one RLDS to provide information services, and

RLDS maintains the dynamic information of the available services. S-Club

and RCT are used for more efi cient resource organization and service

discovery.

1.3.2

Node Server

The node server contains one component: the node. All kinds of heteroge-

neous resources are encapsulated into CROWN nodes, and services are

deployed on these nodes to provide a homogeneous view for the upper

middleware to access the resources.

The CROWN node server is implemented on the basis of GT4 Java

WSRF core, and Figure 1.5 shows its system architecture. GT4 pro-

vides a stable implementation of the WSRF specii cation family and a

Search WWH ::

Custom Search

Home