论文信息 - Using SAML-Based VOMS for Authorization within Web Services-Based UNICORE Grids

Using SAML-Based VOMS for Authorization within Web Services-Based UNICORE Grids

In recent years, the Virtual Organization Membership Service (VOMS) emerged within Grid infrastructures providing dynamic, fine-grained, access control needed to enable resource sharing across Virtual Organization (VOs). VOMS allows to manage authorization information in a VO scope to enforce agreements established between VOs and resource owners. VOMS is used for authorization in the EGEE and OSG infrastructures and is a core component of the respective middleware stacks gLite and VDT. While a module for supporting VOMS is also available as part of the authorization service of the Globus Toolkit, there is currently no support for VO-level authorization within the new Web services-based UNICORE 6. This paper describes the evolution of VOMS towards an open standard compliant service based on the Security Assertion Markup Language (SAML), which in turn provides mechanisms to fill the VO-level authorization service gap within Web service-based UNICORE Grids. In addition, the SAML-based VOMS allows for cross middleware VO management through open standards.

[1] Ian Foster,et al. The Globus toolkit , 1998 .

[2] Ian T. Foster,et al. The anatomy of the grid: enabling scalable virtual organizations , 2001, Proceedings First IEEE/ACM International Symposium on Cluster Computing and the Grid.

[3] Achim Streit,et al. Unicore - From project results to production grids , 2005, High Performance Computing Workshop.

[4] Ákos Frohner,et al. From gridmap-file to VOMS: managing authorization in a Grid environment , 2005, Future Gener. Comput. Syst..

[5] Daniel Mallmann,et al. Standardization Processes of the UNICORE Grid System , 2005 .

[6] Morris Riedel,et al. Requirements and Design of a Collaborative Online Visualization and Steering Framework for Grid and e-Science infrastructures , 2007 .

[7] Thomas Eickermann,et al. Design and evaluation of a collaborative online visualization and steering framework implementation for computational grids , 2007, 2007 8th IEEE/ACM International Conference on Grid Computing.