1,002
views
0
recommends
+1 Recommend
1 collections
    4
    shares

      Studying business & IT? Drive your professional career forwards with BCS books - for a 20% discount click here: shop.bcs.org

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Deploying the Globus Security Infrastructure in a Production Environment: Testing and Evaluation

      Published
      proceedings-article
      , ,
      EuroWeb 2002 Conference (EW)
      EuroWeb
      17-18 December 2002
      Bookmark

            Abstract

            The Globus Toolkit emerged among several projects as the standard de facto for the design of an infrastructure for computational grids. The Globus Security Infrastructure (GSI) provides security features that integrate and extend standard protocols for distributed systems with original solutions. In this paper we investigate the functional correctness and effectiveness of the GSI features with respect to the main security services peculiar of a production environment. With this aim, we design and deploy a multiplatform, multiversion and multisite testbed for a computational grid. We then define a formal plan of tests and accomplish it in our testbed. Our results show that: message integrity, authentication and non repudiation are well addressed; access control and availability are problematic; message confidentiality was not implemented in the software release available at the time experiments have been accomplished. These results point out that GSI can be transferred to a production environment only if supported with a series of countermeasures aimed to reduce risks implied from a not satisfactory user credentials management and a lack of an effective monitoring system. Finally, we discuss the main points to be fixed in the deployment of a computational grid, such as the integration with Certification Authorities other than the one provided by Globus, and the adopted countermeasures mainly consisting in some additional features, such as an automatic tool for grid user management, a tool for advanced local access control, and a monitoring system for grid resources.

            Content

            Author and article information

            Conference
            December 2002
            December 2002
            : 1-10
            Affiliations
            [0001]Servizio Reti di Telecomunicazioni del C.N.R., Roma, Italy
            [0002]Netlab, Istituto di Analisi dei Sistemi ed Informatica del CNR, Roma, Italy
            Article
            10.14236/ewic/EW2002.13
            50e50743-b85c-49c7-ab2a-ef697ab22dca
            © M. Draoli et al. Published by BCS Learning and Development Ltd. EuroWeb 2002 Conference

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            EuroWeb 2002 Conference
            EW
            St Anne’s College, Oxford, UK
            17-18 December 2002
            Electronic Workshops in Computing (eWiC)
            EuroWeb
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/EW2002.13
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction

            Comments

            Comment on this article