Abstract

This chapter introduces the Grid Security Infrastructure (GSI), the basis for GT4's Security layer. A working knowledge of fundamental security concepts is assumed in this chapter. This chapter requires a basic knowledge of public-key cryptography, certificates, and certificate authorities work, to be able to understand clearly. The Globus Toolkit 4 allows one to overcome the security challenges posed by grid applications through the GSI. GSI is a family of components that include command-line tools to manage certificates, Java classes to easily integrate security into web services, and higher-level services. GSI allows one to enable security at two levels: the transport level or the message level. GSI supports three authentication methods: X.509 certificates, username and password, and anonymous authentication. In general, in terms of authentication, communications can fall into three categories: Mutually authenticated, server-side only authentication, and completely unauthenticated. Although authorization is not one of the “fundamental pillars” of a secure conversation, it is nonetheless an important part of GSI. Authorization refers to who is authorized to perform a certain task. Credential delegation and single sign-on are one of the most interesting features of GSI, and are possible thanks to something called proxy certificates. Many of the features described in this chapter can be specified at three levels: container, service, and resource level.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.