Privilege Project - PowerPoint PPT Presentation

1 / 5
About This Presentation
Title:

Privilege Project

Description:

Generate an extended proxy based on role information stored in VOMS ... The desire to deploy the GT4 Web services requires a callout for privilege ... – PowerPoint PPT presentation

Number of Views:22
Avg rating:3.0/5.0
Slides: 6
Provided by: fisk2
Category:

less

Transcript and Presenter's Notes

Title: Privilege Project


1
Privilege Project
  • Ian Fisk
  • GDM Report
  • February 8, 2005

2
Where does Privilege Fit in Grid Services
Facilitates Job Priority And Storage Access
Privilege Infrastructure Naturally fits Here.
Could help Facilitate
3
Project Drivers Scope
  • The primary goal of this phase of the project was
    to deliver the execution call-out for
    finer-grained authorization of processing
    resources
  • Generate an extended proxy based on role
    information stored in VOMS
  • Module to parse extended attribute certificates
  • Communicate the information to a identity mapping
    service in a secure manner
  • Return the information to the Globus gatekeeper
  • Map the user to a specified UID

4
Status
  • Privilege has delivered an infrastructure that
    has been deployed on OSG
  • The authorization system has been deployed on all
    CMS-T2 centers, the T1 at FNAL, FermiGrid, BNL,
    etc.
  • CMS and ATLAS have defined roles that can be
    implemented within VOMS
  • Voms extended proxy is parsed by the callout and
    given to GUMS for authentication
  • User is either assigned to a specified account or
    a pool of accounts.
  • Pool mapping is maintained persistently between
    sessions
  • The release for the pre-web service
    globus-gatekeeper callout is stable
  • Relatively light operations support
  • A couple of tickets a month, so far rapidly
    solved
  • The infrastructure does the basic elements from
    the initial proposal for the processing
    gatekeeper.
  • Room for performance and functionality
    improvements, but fast enough for now

5
Plans
  • There are 3 significant pieces of work facing the
    Privilege Developers
  • Implementation of the callout for storage
  • This is work that we expected to have completed
    already. Slowed due to communication and
    available effort issues.
  • The gPlasma Architecture designed by Ahbishek
    Rana at UCSD with help from CCF should allow the
    same consistent mapping received by the
    Globus-Gatekeeper to be available to the SRM
    interface
  • Expected for scale deployment at FNAL by the end
    of the year
  • The desire to deploy the GT4 Web services
    requires a callout for privilege
  • Gabriele C. and G., and Vikram have made good
    progress
  • Currently waiting on a patch from Globus
  • Progress is somewhat dependent on others
  • Hopefully a production release by early January
  • The final piece of work is a detailed survey of
    deployment experiences and an understanding of
    the level of adoption on OSG sites
  • Documentation Project
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Privilege Project" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!