Information Technology Reference
In-Depth Information
utility to move files between services and clients using the HTTP
protocol, without embedding them in SOAP messages. In practice, we
have found this more efficient, since it avoids data serialization or
deserialization and saves much memory on both client and server sides.
Service Invocation.
caGrid services use WSRF extension to
enable stateful communications with clients. The
service invocation
component implements WSRF specification such that it can interact
with services in a stateful manner. This feature is extremely useful in a
multistep interaction with a service, which is quite common in scientific
applications. For example, a scientist submits a dataset to a caGrid
service to run a computation-intensive task. Since the computation
usually takes some time in the backend system, a result cannot be
returned in a synchronous manner. In this case, the service chooses to
synchronously return an EPR (End Point Reference) that identifies the
service interaction. At a later time, scientists use the EPR as a handler to
query the status of the task that they submitted earlier and obtain the
result when it is ready. The WSRF implementation on the server side
uses the EPR to identify the instance of the service and return the
specific result data appropriately. The issuance and management of an
EPR is handled by the Globus toolkit and the service invocation
component, and is transparent to users.
Security Enforcement.
Security is an important aspect in bio-
medical applications. Scientists want to ensure the privacy, integrity,
authentication, and authorization in the sharing of data and computation
resources in a multi-institutional environment. For example, scientists
may constrain the access to their data to certain organizations or groups
of users (authentication and authorization); they may want to access
their data in an encrypted way such that no other people can intercept
the content (privacy); they may also want an assurance that the data the
recipient receives are exactly the same as those sent by the sender
(integrity). All these issues have been addressed by the Grid Security
Infrastructure (GSI) [190] in the Globus toolkit. GSI leverages public
key infrastructure (PKI) and X.509 certificates [188] to address these
security requirements.
caGrid uses the Grid Authentication and Authorization with Reli-
ably Distributed Services (GAARDS) [191] as an extension to the GSI,
to provide services and tools for the administration and enforcement of
