EU DataGrid and GridPP Authorization and Access Control

The EU DataGrid has deployed a Grid testbed at approximately 30 sites across Europe, with several hundred registered users. This talk describes authorisation systems produced by GridPP and currently used on the Testbed, including the management and distribution of Virtual Organisation membership, both by published lists and by attribute certificates; systems to enforce access control policies for job execution environments, fileservers, local Unix filesystems, and Grid and Web Services in Java environments; and a system of local Unix pool accounts.