Information Technology Reference
In-Depth Information
lines, so that a VO is only authorized to ac-
cess its own data.
5. Prevent indexing or caching of dynamic
site information on web servers by search
engines. This can be done by using files like
robots.txt to prevent search engines from
storing this information.
6. In the long run, there should be a concerted
effort to consolidate software systems col-
lecting similar information, so that site
administrators and security officers have a
single point of control for protecting such
information. For example the Teragrid's Inca
monitoring system consolidates resource
validation, troubleshooting and monitoring
functionality under a single engine (“Inca:
User Level Grid Monitoring,”; “TeraGrid,”).
in OSG” section. These systems face similar risks
with respect to sensitive site information, and we
expect the general techniques for protecting this
information to be applicable as well.
There is an increasing trend towards interoper-
ability among grids, with international collabora-
tions and VOs driving usage and infrastructure
requirements. There is a shift away from cen-
tralized grid providers, towards integrated VO
architectures, where a given VO frames its own
usage model. This points to cross-grid collection
services that operate on a per-VO basis. Since VOs
work in close collaboration with the major grid
providers, many of the current technologies dis-
cussed have uses cases for such VO based services.
For example, the ALICE VO uses MonALISA to
provide integrated monitoring of its supporting
resources. This means that VOs must also take
site security requirements into consideration as
they build their grid information frameworks.
Some of these features already exist in the OSG
software, but there also needs to be a compre-
hensive effort to integrate these types of features
across the middleware and collector infrastructure.
FUTURE WORK
APPLICABILITY TO OTHER GRIDS
The focus of this work has been on the OSG, and
its tools, infrastructure and metadata. It would be
useful to extend this analysis to other major grid
infrastructures such as the Teragrid or EGEE, to
understand how they approach issues pertaining
to sensitive site-related information. This would
highlight common problems and solutions, and
provide alternative approaches towards protect-
ing site data.
Also, given that scientific collaborations are
increasingly adopting the VO model of grid com-
puting, where a VO maintains a certain amount of
control over its own users and metadata, it would be
interesting to analyze how VOs manage sensitive
information, and how they publish and integrate
this data across one or more grid infrastructures.
While our work has largely been a case study on
the OSG, the general principles of securing site
information are applicable to any major grid infra-
structure. Collection and publication of resource
information is a common feature across grids,
and results in similar requirements and goals with
respect to protection of such information.
Indeed, many of the discussed software sys-
tems are currently deployed in other grid infra-
structures as well. e.g. CEMon and MonALISA
at various EGEE sites (“MonALISA Repository
for Alice,”; “Enabling Grids for E-Science,”).
Other grids have their own information services
providing equivalent functionality. The Teragrid
uses the Inca monitoring system for resource
availability, validation and monitoring purposes,
collecting and publishing similar site information
as that discussed in the “Information Collection
Search WWH ::
Custom Search