An online credential repository for the Grid: MyProxy

Grid portals, based on standard Web technologies, are increasingly used to provide user interfaces for computational and data grids. However, such Grid portals do not integrate cleanly with existing Grid security systems such as the Grid Security Infrastructure (GSI), due to lack of delegation capabilities in Web security mechanisms. We solve this problem using an online credentials repository system, called MyProxy. MyProxy allows Grid portals to use the GSI to interact with Grid resources in a standard, secure manner. We examine the requirements of Grid portals, give an overview of the GSI, and demonstrate how MyProxy enables them to function together. The architecture and security of the MyProxy system are described in detail.

[1]  Ian T. Foster,et al.  The anatomy of the grid: enabling scalable virtual organizations , 2001, Proceedings First IEEE/ACM International Symposium on Cluster Computing and the Grid.

[2]  Stephen Farrell,et al.  Securely Available Credentials - Requirements , 2001, RFC.

[3]  Craig Metz,et al.  A One-Time Password System , 1996, RFC.

[4]  William E. Johnston,et al.  Grids as production computing environments: the engineering aspects of NASA's Information Power Grid , 1999, Proceedings. The Eighth International Symposium on High Performance Distributed Computing (Cat. No.99TH8469).

[5]  Jay Boisseau,et al.  Development of Web toolkits for computational science portals: the NPACI HotPage , 2000, Proceedings the Ninth International Symposium on High-Performance Distributed Computing.

[6]  Ian T. Foster,et al.  A National-Scale Authentication Infrastructur , 2000, Computer.

[7]  Jason Novotny,et al.  The Grid Portal Development Kit , 2002, Concurr. Comput. Pract. Exp..

[8]  Warren Smith,et al.  A Resource Management Architecture for Metacomputing Systems , 1998, JSSPP.

[9]  Ian T. Foster,et al.  Globus: a Metacomputing Infrastructure Toolkit , 1997, Int. J. High Perform. Comput. Appl..

[10]  I. Foster,et al.  Design and deployment of a national-scale authentication infrastructure , 1999 .