Information Technology Reference
In-Depth Information
INTRODUCTION
site, the user or the grid collaboration as a whole.
It becomes very important then, to have controls
on the access and flow of this data, so that the
information sources can decide what data they
want published and what data they want restricted.
Since these models of informational flow are still
evolving in today's grids, these controls are still
in the process of being designed into the software
infrastructure. As such, there isn't a standard way
to control this flow of information. We think there
is an urgent need to study the various vectors of
information being provided by sites to grid infra-
structures. This includes an analysis of the nature
of the information itself, as well as the software
publishing this information.
In our work, we use the Open Science Grid
(OSG) (“Open Science Grid Consortium,”) as a
case study for this model of information flow,
looking at the five major information collection
systems within the OSG, and analyzing the se-
curity implications of this infrastructure. We also
provide some recommendations on improving the
current infrastructure to preserve the privacy and
security of sensitive information.
Grid computing has become a very successful
model for scientific collaborations and projects to
leverage distributed compute and data resources.
It has also offered the research and academic
institutions that host these resources an effective
means to reach a much larger community. As grid
computing grows in scope, and as an increasing
number of users and resources are plugged into
the grid, there is an increasing need for metadata
services that can provide useful information about
the activities on that grid. These services allow
for more sophisticated models of computing, and
are fundamental components of scalable grid
infrastructures. The scope of these services is
fairly broad and covers a variety of uses includ-
ing resource selection, monitoring, accounting,
troubleshooting, logging, site availability and site
validation. This list could grow, as grids evolve
and other types of metadata become interesting
to users and administrators. This means that it
becomes important for a grid infrastructure to
provide central collection and distribution points
that can collate information gathered from mul-
tiple sources.
The typical publication model involves push-
ing data from site based informational end points
to central collectors, using streaming feeds or
periodic send operations. The central collec-
tors then make this data available to interested
parties using standard interfaces and protocols
in the form of web services and database query
engines. The usability of the grid depends on the
widespread availability of this information. Given
the increasingly open nature of grid computing
these collectors and information services generally
present publicly accessible front-ends.
Now consider the implications of this model
for a site providing grid resources. Being included
in a grid infrastructure means that a large amount
of site information suddenly enters the public
domain. This could include information deemed
as sensitive or private from the perspective of the
THE OPEN SCIENCE GRID
The OSG offers a shared infrastructure of dis-
tributed computing and storage resources, inde-
pendently owned and managed by its members.
OSG members provide a virtual facility available
to individual research communities, who can add
services according to their scientists' needs.
It includes a wide selection of resource pro-
viders, ranging from small universities to large
national laboratories. This broad range of sites
results in a diverse set of security requirements.
Reconciling these diverse security priorities is a
challenge, and requires close interaction between
the sites and the OSG managers. One approach to
addressing this issue is to provide the necessary
tools in the grid middleware stack, so that sites
can configure security policies directly into the
Search WWH ::




Custom Search