ccgrid2002-symphony - People

Symphony
A Java-Based Composition and Manipulation Framework for Computational Grids
Dennis Kafura, Markus Lorch
This work is supported by the Virginia Commonwealth Information Security Center (CISC)
Organization
• Motivation
• The Symphony Framework
• Security Requirements
• Security Architecture
The Symphony
Framework
Dennis Kafura,
Markus Lorch
Virginia Tech
Motivation
• Different grid user categories
  - component developer
  - grid (meta) program composer/developer
  - end user
• Existing grid middleware exposes command-line interfaces and proprietary APIs and uses scripts to define meta programs
• Grid portals are built for specific applications (PSEs) and use specific grid middleware
Motivation (contd.)
Need for a grid abstraction layer that:
• allows grid applications to be quickly composed, customized, executed and monitored
• provides a unified API for grid portal and application developers, independent of the underlying grid middleware
• provides for grid applications that run across several grid middleware systems
The Symphony Framework
• A component-based framework for creating, sharing, composing, and executing (elements of) grid applications
• Components abstract local and remotely accessible data and software resources through customizable JavaBeans (programs, data files, and data streams)
• Grid applications defined by linking components through data and control flow relationships
• Beans are instantiated and customized (equipped with knowledge on the object this bean will be a surrogate for)
The Symphony Framework
• Symphony beans can be customized and interconnected either interactively by a user or through programmatic means
• Standard composition environment is Sun's BeanBox. A container supporting collaborative work (shared workspace) is Sieve
• Symphony can currently incorporate Globus resources (using the Java COG Kit), Symphony resources (RMI) and local resources into a single meta program
Sample Meta Program
Sample Bean Customization
Resource Browser
Security Requirements
• Support for group collaboration
  - delegation of fine grained privileges
  - combination of privileges from separate sources
• Fine grained enforcement with support for legacy applications required
• Support for multiple credentials
• Low overhead setup mechanisms for ad-hoc collaborative groups
• Support for short-term temporary users (without OS user accounts)
Proposed Security Mechanisms
• Use proxy certificates as intended for authentication
• Convey fine grained rights through attribute certificates to enable user collaboration
• Interface grid middleware with POSIX OS extensions for portable enforcement of fine grained access policies
Symphony Security Mechanism
[Diagram: User, Resource Owner and Resource, exchanging the messages Request Component (PC), Customized Comp. (AC), Resource Request (PC, AC) and Resource Reply; the numbers (1) to (3) mark the steps below]
(1) The resource owner verifies user credentials, issues an attribute certificate and submits a Symphony component together with an AC
(2) The resource verifies if proxy restrictions and local policies allow request based on identity (PC)
(3) The resource verifies AC validity and grants specified rights for the duration of the access.
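The three steps above, modelled as an added example (not code from Symphony or from the authors). Assumptions: HMAC with a constructed key stands in for the resource owner's signature on the AC, and the class, field and function names, the allow-set form of the local policy, and the rule that the AC holder must equal the PC subject are hypothetical simplifications.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

# Constructed demo key. Assumption: HMAC stands in for the owner's signature on the AC.
OWNER_KEY = b"constructed-demo-key"

@dataclass(frozen=True)
class ProxyCert:  # PC: who is asking, and what this proxy may be used for
    subject: str
    allowed_ops: frozenset

@dataclass(frozen=True)
class AttrCert:  # AC: rights the resource owner delegated to the holder
    holder: str
    issuer: str
    rights: frozenset
    not_before: int
    not_after: int
    sig: bytes = b""

def _mac(ac, key):
    body = f"{ac.holder}|{ac.issuer}|{sorted(ac.rights)}|{ac.not_before}|{ac.not_after}"
    return hmac.new(key, body.encode(), hashlib.sha256).digest()

def issue_ac(holder, rights, start, lifetime, issuer="owner", key=OWNER_KEY):
    """Step 1: the owner has verified the user and issues a short-lived AC."""
    ac = AttrCert(holder, issuer, frozenset(rights), start, start + lifetime)
    return replace(ac, sig=_mac(ac, key))

def authorize(pc, ac, op, now, local_policy, trusted_issuers):
    """Steps 2 and 3 at the resource; returns (granted_rights, reason)."""
    # Step 2: identity-based check against local policy and the proxy's restrictions.
    if pc.subject not in local_policy:
        return frozenset(), "local policy rejects identity"
    if op not in pc.allowed_ops:
        return frozenset(), "proxy restriction forbids operation"
    # Step 3: AC validity (trusted issuer, intact signature, bound to this PC, in lifetime).
    key = trusted_issuers.get(ac.issuer)
    if key is None or not hmac.compare_digest(ac.sig, _mac(ac, key)):
        return frozenset(), "AC issuer or signature invalid"
    if ac.holder != pc.subject:
        return frozenset(), "AC not issued to this identity"
    if not ac.not_before <= now <= ac.not_after:
        return frozenset(), "AC outside validity period"
    if op not in ac.rights:
        return frozenset(), "right not delegated"
    return ac.rights, "granted"
```

Both certificates have to pass: a valid AC presented with someone else's PC, or an AC whose rights were edited after issuance, is rejected before any right is granted.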
Symphony Security Summary
• Can employ any combination of proxy certificates and attribute certificates
• Enables ad-hoc group collaboration through user-to-user delegation
• Based on widespread GSI, can incorporate CAS
• Supports legacy applications even for fine-grained access policies
Current and Future Work
• Refining and evaluation of our security mechanisms and integration in existing grid security architectures.
• Support for additional grid middleware (Legion, Unicore)
• Improvement of GUI and transformation into a three tier architecture
Conclusion
• Evaluation version available at http://symphony.cs.vt.edu
Contact
• Markus Lorch <mlorch@vt.edu>
• Dennis Kafura <kafura@vt.edu>