e-Science logo Nesc logo
About NeSC
e-Science Institute
e-Science Hub
e-Science Events
Presentations & Lectures
Technical Papers
Global Grid Links
UK e-Science Centres
UK e-Science Teams
Career Opportunities
Bibliographic Database


Paper ID: 1649

The GridSite Security Framework
Andrew,McNab Shiv,Kaushal

Appeared in: Proceedings of the UK e-Science All Hands Conference 2005 website: http://www.allhands.org.uk/2005/
Page Numbers:
Publisher: Engineering and Physical Sciences Research Council
Year: 2005
ISBN/ISSN: 1-904425-53-4
Contributing Organisation(s):
Field of Science: e-Science

URL: http://www.allhands.org.uk/2005/proceedings/papers/417.pdf

Abstract: We describe the architecture of the GridSite system, which adds support for several Grid security protocols to the Apache web server platform. These include the Globus GSI authentication system, GACL and XACML access policy files, and DN Lists and VOMS group memberships. The system was originally developed for controlling access to Web sites using Grid credentials, but has now been extended to support Web Services written in any of the languages which can be hosted by Apache. We use the example of a proxy delegation service developed in conjunction with the EGEE project to explain how such Web Services can be built using GridSite/Apache and a SOAP toolkit such as gSOAP. To support high speed access to large data files, GridSite also supports an HTTP Downgrade protocol, which we present. Finally, we describe GridSite's method of using Unix pool accounts to provide partial “sandboxing” of services, which allows remote users to deploy services in the form of scripts and native executables into a third-party hosting service built with GridSite. A model we refer to as GRACE.

Keywords: e-Science, AHM 2005



Last Updated: 22 Jun 12 11:02
This is an archived website, preserved and hosted by the School of Physics and Astronomy at the University of Edinburgh. The School of Physics and Astronomy takes no responsibility for the content, accuracy or freshness of this website. Please email webmaster [at] ph [dot] ed [dot] ac [dot] uk for enquiries about this archive.