Secure grid monitoring, a web-based framework
Authors: 
Brajendra K. Singh, Amirhasan Amintabar, Akshai Aggarwal, Robert D. Kent, Ahmedur Rahman, Farhan Mirza, and Zillur RahmanAuthors Info & Claims
Brajendra K. Singh, Amirhasan Amintabar, Akshai Aggarwal, Robert D. Kent, Ahmedur Rahman, Farhan Mirza, and Zillur RahmanAuthors Info & ClaimsOctober 2007
Article No.: 15, Pages 1 - 7
Abstract
The problem of securely monitoring the grid, in which a group of different entities provide and exchanging confidential information has become a significant task for an efficient use of shared resources. In this paper, a Web based secure grid monitoring framework is presented which permits resources to be monitored only by authorized users. The proposed framework provides monitoring a grid environment comprehensively, with low overhead for authentication and authorization purposes. Another advantage of our framework is that complex authorization policies for grid monitoring can be easily applied.
References
[1]
Zanikolas, S., Sakellariou, R. 2005. A Taxonomy of Grid Monitoring System. Future Generation Computer Systems. vol 21, issue 1 (January 2005).
[2]
Massie, M. L., Chun, B. N., Culler, D. E. 2004. Ganglia Distributed Monitoring System: Design, Implementation, and Experience. Parallel Computing 30, pp. 817--840.
[3]
Newman, H. B., Legrand, I. C., Galvez, P., Voicu, R., Cirstoiu, C. 2003. MonALISA: a distributed monitoring service architecture. Computing in High Energy and Nuclear Physics (CHEP03). (La Jolla, CA, 2003).
[4]
Web Services Description Language (WSDL) Version 2.0, SOAP Specifications, World Wide Web Consortium, http://w3.org
[5]
GridCat. 2007. http://www.ivdgl.org/gridcat/home/ (accessed Jan 2007).
[6]
Andreozzi, S., Bortoli, N. D., Fantinel, S., Ghiselli, A., Tortone, G., Vistoli, C. 2003. GridICE, A Monitoring Service for the Grid. Proceedings of the Third Cracow Grid Workshop, Cracow. (Poland, October 27--29, 2003). pp. 220--226.
[7]
GLUE Schema Specification version 1.2: http://glueschema.forge.cnaf.infn.it/uploads/Spec/GLUEInfoModel_1_2_final.pdf (as of Dec 2006)
[8]
Gunter, D., Tierney, B., Crowley, B., Holding, M., Lee, J. 2000. NetLogger: a toolkit for distributed system performance analysis. Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 2000. Proceedings. 8th International Symposium. (29 Aug.-1 Sept. 2000) pp. 267--273.
[9]
NetLogger, http://dsd.lbl.gov/NetLogger/overview.html
[10]
Barbera, R., Re, P. L., Sava, G., Tortone, G. 2002. Grid monitoring with NetSaint. Bologna-Datagrid WP7 meeting, (Jan 24, 2002).
[11]
Mambelli, M., Kim, B., et al. 2004. Grid2003 Monitoring, Metrics and Grid Cataloging System. Proc. of CHEP04, Interlaken, (CH, Sept 2004).
[12]
GT 4.0 WS MDS WebMDS: http://www.globus.org/toolkit/docs/4.0/info/webmds/
[13]
Foster, I., Kesselman, C., Pearlman, L., Tuecke, S. and Welch, V. 2003. The Community Authorization Service: Status and Future. Proceedings of Computing in High Energy Physics 03 (CHEP '03). (La Jolla, California, March 24--28, 2003).
[14]
GT4 CAS Admin Guide, http://www.globus.org/toolkit/docs/4.0/security/cas/adminindex.html
[15]
Alfieri, R., Cecchini, R., Ciaschini, V., dell'Agnello, L., Frohner, A., Gianoli, A., Lorentey, K. and Spataro, F. 2003. VOMS, an authorization system for virtual organizations. European Across Grids Conference. (2003), pp. 33--40.
[16]
The Akenti Approach, http://dsd.lbl.gov/Akenti/
[17]
Chadwick, D. W. and Otenko, A. The PERMIS X.509 Role Based Privilege Management Infrastructure. 7th ACM Symposium on Access Control Models and Technologies. (2002).
[18]
WS-Security Standard V1.0, OASIS Web Services Security TC. 2004. http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsssoap-message-security-1.0.pdf
[19]
WS-Trust V1.0 Working Draft, OASIS Web Services Secure Exchange TC. 2006. http://www.oasisopen.org/committees/download.php/16138/oasis-wssx-ws-trust-1.0.pdf
[20]
WS-SecureConversation V1.0 Working Draft, OASIS Web Services Secure Exchange TC. 2006. http://www.oasisopen.org/committees/download.php/16140/oasis-wssx-wssecureconversation-1.0.pdf (as of Nov. 2006).
[21]
Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1, OASIS Standard. 2003. http://www.oasisopen.org/committees/download.php/3406/oasis-sstc-samlcore-1.1.pdf. (2 September, 2003).
[22]
Technical Overview of the OASIS Security Assertion Markup Language (SAML) V1.1. 2007. http://www.oasisopen.org/committees/download.php/6837/sstc-saml-techoverview-1.1-cd.pdf. (January 9, 2007)
[23]
Security Assertion Markup Language http://www.oasisopen.org/committees/tc_home.php?wg_abbrev=security
[24]
Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L., Tuecke, S. 2003. Security for Grid Services. Twelfth International Symposium on High Performance Distributed Computing (HPDC-12), IEEE Press. (June 2003).
[25]
Wang, J. 2006. A Web Services Secure Conversation Establishment Protocol Based on Forwarded Trust. Web Services, ICWS '06. International Conference. (Sept. 2006) pp. 569--576
[26]
Foster, I. 2006. Globus Toolkit Version 4: Software for Service-Oriented Systems. IFIP International Conference on Network and Parallel Computing, Springer-Verlag LNCS 3779, pp 2--13.
[27]
Globus, http://www.globus.org/ (accessed 9th January 2007)
[28]
Pereira, A. L., Muppavarapu, V. and Chung, S. M. 2006. Managing Role-Based Access Control Policies for Grid Databases in OGSA-DAI Using CAS. Journal of Grid Computing. Springer. (Dec 2006), pp. 17.
[29]
Jokl, J., Basney, J. and Humphrey, M. 2004. Experiences using Bridge CAs for Grids, Proceedings of the UK Workshop on Grid Security Experiences Oxford. (8th - 9th July 2004).
[30]
Novotny, J., Tuecke, S. and Welch, V. 2001. An Online Credential Repository for the Grid: MyProxy. Proceedings of the Tenth International Symposium on High Performance Distributed Computing (HPDC-10), IEEE Press.
[31]
WS-Security SAML Token Profile V1.0, OASIS Web Services Security TC. 2004. http://docs.oasisopen.org/wss/oasis-wsssaml-token-profile-1.0.pdf.
[32]
https://forge.gridforum.org/sf/projects/glue-wg (accessed 28th August 2007)
Recommendations
Review of security models applied to distributed data access
Euro-Par'06: Proceedings of the CoreGRID 2006, UNICORE Summit 2006, Petascale Computational Biology and Bioinformatics conference on Parallel processingIn this paper, we explore the technologies behind the security models applied to distributed data access in a Grid environment. Our goal is to study a security model allowing data integrity, confidentiality, authentication and authorization for VO ...
A review of grid authentication and authorization technologies and support for federated access control
Grid computing facilitates resource sharing typically to support distributed virtual organizations (VO). The multi-institutional nature of a grid environment introduces challenging security issues, especially with regard to authentication and ...
A network access control approach based on the AAA architecture and authorization attributes
Network access control mechanisms constitute an increasingly needed service, when communications are becoming more and more ubiquitous thanks to some technologies such as wireless networks or Mobile IP. This paper presents a particular scenario where ...
Comments
Information & Contributors
Information
Published In
Sponsors
- Orange
- Alcatel-Lucent
- Myricom
- SIGARCH: ACM Special Interest Group on Computer Architecture
- ICST
- INRIA: Institut Natl de Recherche en Info et en Automatique
Publisher
ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)
Brussels, Belgium
Publication History
Published: 17 October 2007
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
GridNets07
Sponsor:
- SIGARCH
- INRIA
GridNets07: 1st International Conference on Networks for Grid Applications & Workshops
October 17 - 19, 2007
Lyon, France
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 93Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in