Cluster Computing and the Grid, IEEE International Symposium on (2005)
Cardiff, Wales, UK
May 9, 2005 to May 12, 2005
M. Smith , Dept. of Math. & Comput. Sci., Marburg Univ., Germany
T. Friese , Dept. of Math. & Comput. Sci., Marburg Univ., Germany
B. Freisleben , Dept. of Math. & Comput. Sci., Marburg Univ., Germany
In typical on demand grid computing scenarios, services from different organisations can potentially run in the same Web service engine on a single grid node, making intra-engine service security vital for any production system. In this paper, a solution to the problem of intra-engine inter-service security for ad hoc grid environments based on WSRF is presented. To ensure that only authorized access to grid services is possible from within other services' code, a dynamic group enabled sandboxing approach within Apache Axis is proposed to protect dynamically deployed grid services. It relies on the features provided by a hot deployment service developed for ad hoc grids. A prototypical implementation of the hot deployment service and the intra-engine service security approach based on the Globus Toolkit 4 (GT4) is used to demonstrate the feasibility of our approach.
B. Freisleben, M. Smith and T. Friese, "Intra-engine service security for grids based on WSRF," 2005 IEEE International Symposium on Cluster Computing and the Grid(CCGRID), Cardiff, Wales, UK, 2005, pp. 644-653.