Evaluating Grid Portal Security

Grid portals are an increasingly popular mechanism for creating customizable, Web-based interfaces to grid services and resources. Due to the powerful, general-purpose nature of grid technology, the security of any portal or entry point to such resources cannot be taken lightly. This is particularly true if the portal is running inside of a trusted perimeter, such as a science gateway running on an SDSC machine for access to the TeraGrid. To evaluate the current state of grid portal security, we undertake a comparative analysis of the three most popular grid portal frameworks that are being pursued as frontends to the TeraGrid: GridSphere, OGCE and clarens. We explore general challenges that grid portals face in the areas of authentication (including user identification), authorization, auditing (logging) and session management then contrast how the different grid portal implementations address these challenges. We find that although most grid portals address these security concerns to a certain extent, there is still room for improvement, particularly in the areas of secure default configurations and comprehensive logging and auditing support. We conclude with specific recommendations for designing, implementing and configuring secure grid portals

[1]  Ashiq Anjum,et al.  The Clarens Grid-enabled Web Services Framework : Services and Implementation , 2005 .

[2]  Geoffrey C. Fox,et al.  Special Issue: ACM 2000 Java Grande Conference , 2001, Concurr. Comput. Pract. Exp..

[3]  Robert W. Shirey,et al.  Internet Security Glossary , 2000, RFC.

[4]  Gregor von Laszewski,et al.  A Java commodity grid kit , 2001, Concurr. Comput. Pract. Exp..

[5]  Steven Tuecke,et al.  Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile , 2004, RFC.

[6]  Kaizar Amin,et al.  Abstracting the Grid , 2004, 12th Euromicro Conference on Parallel, Distributed and Network-Based Processing, 2004. Proceedings..

[7]  Jason Novotny,et al.  GridSphere: an advanced portal framework , 2004 .

[8]  Jason Novotny,et al.  GridSphere: a portal framework for building collaborations , 2004, Concurr. Pract. Exp..

[9]  J. van Leeuwen,et al.  Information Security , 2003, Lecture Notes in Computer Science.

[10]  Ashiq Anjum,et al.  JClarens: a Java based interactive physics analysis environment for data intensive applications , 2004, Proceedings. IEEE International Conference on Web Services, 2004..