Information Technology Reference
In-Depth Information
12.1
Security is essential for interorganizational collaborative e-Research.
Without robust, reliable, the easy to understand and manage e-Research
security models and their implementations, many communities and wider
industry will simply not engage. To support interorganizational, interdis-
ciplinary research it is essential that e-Research security infrastructures
support several key (dei ning) characteristics.
Introduction
•
They should be easy to use by end users, who should not have to
learn complex new systems or adopt technological solutions that
are not aligned with the fundamental reasons for engaging in
e-Research—namely, to undertake research.
They should have single sign-on to distributed resources; that is,
•
once authenticated (and/or authorized) they are able to access
and use a range of distributed resources without the need for fur-
ther authentication.
Sites should be able to allow or deny access to their resources for
•
given collaborators at their own discretion; that is, they should be
autonomous, and tools support should be available to help sup-
port this process.
Systems should scale to potentially support establishment and
•
management of very-large-scale virtual organizations (VO) involv-
ing many collaborators from numerous institutions with different
privileges.
Security infrastructures should incorporate or at least rel ect
•
existing (legacy) security infrastructures and policies of collabo-
rators to ensure that e-Research-specii c security infrastructures
do not violate/weaken existing policies on access and usage of
resources.
Given the e-Research vision to support models where new col-
•
laborations can be rapidly supported, or where new institutions/
users can be added, removed, or have their privileges changed
“on the l y” to existing collaborations, security infrastructures
should be able to support such dynamic scenarios.
It is clear that no single security model or policy will sufi ce for all
e-Research collaborations. Different domains have their own requirements
on access to and use of resources by collaborators. However, it is essential
that best practice in supporting collaborations is achieved. It is the case
that currently the predominant way in which security is currently
addressed in the grid community is through public key infrastructures
(PKIs) [1] to support authentication. While PKIs address some user identity
Search WWH ::
Custom Search