The Community for Technology Leaders
Green Image
ABSTRACT
<p>Individuals and institutions in science and industry are increasingly forming virtual organizations to pool resources and tackle a common goal. Participants in virtual organizations need to share resources such as data archives, computer cycles, and networks. Any sharing mechanism must be able to authenticate the user's identity and determine if the user is authorized to request the resource.</p> <p>The authors have created and deployed an authentication and authorization infrastructure that meets these requirements: the Grid Security Infrastructure. GSI offers secure single sign-ons and preserves site control over access policies and local security. It provides its own versions of common applications, such as FTP and remote login, and a programming interface for creating secure applications.</p> <p>The authors use this technology to create smaller test-beds for individual scientific collaborations. They are investigating its feasibility for high-energy physics projects. Enhancements to GSI will reduce the cost of establishing a virtual organization security environment, add support for advanced features such as smart cards, and restrict delegation for more fine-grained access control.</p>
INDEX TERMS
CITATION
Steven Tuecke, Carl Kesselman, Randy Butler, John Volmer, Von Welch, Ian Foster, Douglas Engert, "A National-Scale Authentication Infrastructure", Computer, vol. 33, no. , pp. 60-66, December 2000, doi:10.1109/2.889094
113 ms
(Ver )