GridLab logo
Welcome
* Introduction
* News
* FAQ
* Licence
* Links
Download
* Releases
* Documentation
* Presentations
People
* Collaborations
* Team
* e-Mail
* Internal
Information Society Technologies  
 
| Home | Products & Technologies | Support & Downloads | Contact us |  

Grid Security


GAS Frequently Asked Questions WP6 home


1. What is the GAS?
2. What is the idea behind GAS?
3. What is the current functionality of GAS?


1. What is the GAS?
GAS has been designed as a trusted single logical point for defining security policy for complex grid infrastructures. As the flexibility is a key requirement, it is to be able to implement various security scenarios, based on push or pull models, simultaneously. Moreover, GAS is considered as independent of specific technologies used at lower layers, and it should be fully useable in environments based on Globus Toolkit(supporting compatibility scenario with CAS) as well as other toolkits. The high level of flexibility is achieved mainly through modular design of GAS. It is divided into five logical components, with the main GAS core module responsible for performing authorization decisions based upon defined security policy, which is maintained as a set of permissions for specific subjects (e.g. user) and objects (e.g. resource).

2. What is the idea behind GAS?
 
  • Trusted single logical point for managing security policy for virtual organization,
  • Independent on specific technologies applied to build a secure grid infrastructure,
  • Support for different scenarios of using GAS, with a possibility to apply them simultaneously within single virtual organization,
  • Modular structure allows to introduce new modules for communication, database support, service management, integration with external security solutions (e.g. GSI-enabled Web Service, SAML, XACML, and many other).

3. What is the current functionality of GAS?
Core functionality:
  • Built-in RAD (Resource Access Decision) authorization security model,
  • Initial support for RBAC (Role Based Access Control) authorization security model,
  • Ability to receive authorization decisions from GAS,
  • Ability to generate a logical part of security policy from GAS,

Management:
  • Support for GAS server administration,
  • Example user-friendly clients, including GridSphere based portlet, GTK based client and command-line client,

Communication:
  • Access over GSI-enabled Web Service interface is available (e.g. C clients over gSOAP and Java clients over Axis/GT3 libraries to get access to GAS),
  • Access over our own protocol based on GSI protocol,

Integration with Security Solutions:
  • GSI support,
Back to top




GridLab: Grid Application Toolkit and Testbed is co-funded by the European Commission under the Fifth Framework Programme (IST-2001-32133).
Web admin: Petr Holub, web design: Radoslaw Strugalski

Last update on Friday, 09-Jul-2004 14:40:22 CEST.