The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Many different accounting systems currently exist for the European Grids and for other distributed systems in general. Even though they often share equivalent technical approaches, concerning accounting metrics and batch-system log access, there are lots of different data formats, accounting-database layouts, communication- and implementation details that hinder a consistent and comprehensive accounting...
Single sign-on and delegation of rights are key requirements for modern grid infrastructures. These requirements are usually facilitated by X.509 und private-key infrastructures (PKI) and proxy certificates. Proxy certificates, however, can be obtained and abused by a malicious third party. There is currently no method for end users to detect such abuse. We have designed a solution that enables a...
As new concepts for eSciene like grid computing and cloud computing tend to leave the research phase and develop towards production quality, the security eventually moves into focus. Up to now research in the security area concentrates on authentication and authorization on the resources themselves, but to enhance network security more generally, access control must be pushed back to the entry point...
To secure communication in Grids many efforts have been made regarding authentication and authorization. Due to some application requirements it is up to now recommended to open wide port ranges on firewalls. This configuration is commonly accepted as insecure. We present an approach to enhance the security of firewalled Grid components by a new method to dynamically authorize TCP connections on firewalls...
In modern grids, authentication is usually implemented via an X.509 PKI. Proxy certificates are employed to facilitate interaction with the grid, especially for purposes of delegation and single sign-on. However, due to the nature of proxy credentials, these can be obtained by an unauthorized third party and abused for disruptive actions or unauthorized resource consumption. We propose modifications...
Grid computing provides users with transparent access to substantial compute and storage resources. Up to now the main focus lay in the development of Grid infrastructures and the development of services providing access to grid resources. This leads to a negligence of security aspects, which, for example, leads to the recommendation of open wide port ranges on firewalls protecting the Grid resources...
Shibboleth-based federations emerge in numerous countries, especially in the academic sector. Leveraging these federations for authentication and authorization purposes in Grid computing is one aim of current research. In this paper an architecture for delivering attributes managed by both, Shibboleth IdPs and VOMS, to Grid resources for authentication and authorization purposes is presented. Special...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.