By Ken North
Computing is sometimes like pop music in the rush to embrace the label
"new". Someone promoting a singer or group is more likely to talk about a
"new sound" than a classic sound or a traditional beat. Despite all of the
hype about new sounds, most popular tunes are based on a three- or
four-chord progression. Music doesn't really re-invent itself every few
months. Although publicists are beating the "new sound" drum, many artists
openly acknowledge their musical roots. They give credit to the musicians,
songwriters and composers whose music was an influence on them.
If I have been able to see farther, it was only because I stood on the
shoulders of giants.
- Sir Isaac Newton, 1675
The software field seems to be operating on a different set of rules,
perhaps because of the rush to patent ...
To his credit, Ian Foster is reluctant to be called the father of grid
computing. Perhaps it's because he comes from an academic background with a
tradition of giving credit where credit is due.
The history of grid computing, or utility computing, includes events such
as the formation of the Global Grid Forum, Enterprise Grid Alliance and Globus Alliance.
Will historians begin the history of grid computing with the formation of those
alliances, or were there other seminal events that marked the beginnings of
grid computing?
There is no consensus among scholars and technology writers about the
origins of grid computing. Perhaps the different opinions stem from
terminology: some authors use utility computing while others prefer
grid computing. Except for persons who confuse grids with clusters, authors
are often in agreement about the concept of grids:
Grids enable the sharing, selection, and aggregation of a wide variety of
geographically distributed computational resources ... and presents them as
a single, unified resource for solving large-scale compute and data
intensive computing applications. 1
Grid computing can be differentiated from almost all distributed
computing paradigms by this defining characteristic: The essence of grid
computing lies in the efficient and optimal utilization of a wide range of
heterogeneous, loosely coupled resources in an organization tied to
sophisticated workload management capabilities or information
virtualization. (Note that an organization can span multiple
departments, physical locations, and so on. We use the term "organization" here
in the abstract sense.) 2
To avoid confusion
As grid technology emerged, an important research paper defined an open
architecture for grid services. That paper provided the genesis for further
refinement of the services model, with security services playing an
important role.
Several generations of technical documents have emerged to describe an
architecture and infrastructure for grid services. A de facto model has
emerged for grid services
authentication. There have also been parallel developments in security for
web services and several releases of a tool set for grid developers.
Ian Foster, Joseph Kesselman, Jeffrey Nick and Steve Tuecke wrote an
important paper about the
Physiology of the Grid and the Open Grid Services Architecture (OGSA).
The Global Grid Forum's OGSA 1.0 document specifies security services
for enforcing the security
policy related to authentication, message integrity, confidentiality and
privacy, auditing, intrusion prevention, access control and so on.
For user authentication, delegation and single sign-on, the OGSA uses
the Grid Security Infrastructure (GSI) protocol. GSI provides a vehicle
for using X.509 certificates with public key-based authentication
protocols, such as the Transport Layer Security (TLS) protocol. Another
key OGSA characteristic is the use of the Web Services Description
Language (WSDL) and the Simple Object Access Protocol (SOAP) for grid
services.
Building on OGSA, the Globus Alliance chartered a working group that
defined the Open Grid Services Infrastructure (OGSI). The OGSI 1.0
proposed recommendation defines how to create, manage and communicate
among grid services. It excludes details of grid services security and
refers the reader to other specifications for communication protocols,
policy management and platform-specific security.
As OGSA and OGSI were evolving, there was much work being done in the
web services community to define specifications related to the creation
of secure, interoperable web services. Key participants in the Globus
Alliance and grid community recognized the merit of aligning grid
services technologies with the work being done to evolve web services
technology.
WSRF and Web Services Security Technology
By 2004, Globus announced the Web Services Resource Framework (WSRF)
would be a re-factoring of OGSI to exploit the standards being developed
for web services. Because the OGSA, OGSI and WSRF leverage XML-based
technologies (e.g., SOAP), it's possible to exploit technologies for
creating web services when building grid services.
OASIS published the WS-Security specification as a standard for
creating secure message exchanges that offer authentication,
confidentiality, encryption and message integrity. OASIS also published
the Security Assertion Markup Language (SAML).
The WS-Policy specification defines fundamentals used for creating
security policies, such as the type of security tokens a service will
accept.
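An added example (not from the original article, Globus or OASIS) of the kind of gate the WS-Security and WS-Policy paragraphs above imply: before processing a SOAP message, a service checks that it carries a token type the service accepts and a signature. The function names, the accepted-type set and the sample envelopes are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespaces from the SOAP 1.1, WS-Security 1.0 and XML Signature specifications.
SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
DS = "http://www.w3.org/2000/09/xmldsig#"
X509V3 = ("http://docs.oasis-open.org/wss/2004/01/"
          "oasis-200401-wss-x509-token-profile-1.0#X509v3")

def check_security_header(envelope, accepted):
    """Return policy violations (empty list = accept). Structural gate only:
    signature value and certificate chain must still be verified afterwards."""
    if "<!DOCTYPE" in envelope:          # SOAP messages must not carry a DTD
        return ["DTD present"]
    try:
        root = ET.fromstring(envelope)
    except ET.ParseError:
        return ["malformed XML"]
    headers = root.findall(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    if len(headers) != 1:
        return [f"expected one wsse:Security header, found {len(headers)}"]
    sec, problems, offered = headers[0], [], []
    for tok in sec.findall(f"{{{WSSE}}}BinarySecurityToken"):
        offered.append(tok.get("ValueType", "<missing ValueType>"))
    if sec.find(f"{{{WSSE}}}UsernameToken") is not None:
        offered.append("UsernameToken")  # label used here for username tokens
    if not offered:
        problems.append("no security token")
    problems += [f"token type not accepted: {t}" for t in offered
                 if t not in accepted]
    if sec.find(f"{{{DS}}}Signature") is None:
        problems.append("no ds:Signature (no message integrity)")
    return problems

def envelope_with(security_children):
    # Builds a constructed sample envelope around the given header children.
    return (f'<s:Envelope xmlns:s="{SOAP}" xmlns:wsse="{WSSE}" xmlns:ds="{DS}">'
            f'<s:Header><wsse:Security>{security_children}</wsse:Security>'
            f'</s:Header><s:Body><submitJob/></s:Body></s:Envelope>')

# Constructed samples: token and signature contents are placeholders.
SIGNED_X509 = envelope_with(
    f'<wsse:BinarySecurityToken ValueType="{X509V3}">PLACEHOLDER'
    '</wsse:BinarySecurityToken><ds:Signature/>')
UNSIGNED_USERNAME = envelope_with(
    '<wsse:UsernameToken><wsse:Username>alice</wsse:Username>'
    '</wsse:UsernameToken>')
```

Calling check_security_header(UNSIGNED_USERNAME, {X509V3}) reports both the unaccepted token type and the missing signature, while SIGNED_X509 passes the same policy.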
IBM and Microsoft have submitted the WS-Trust, WS-SecureConversation
and WS-SecurityPolicy specifications to OASIS for standardization.
WS-Trust provides for the issuing and exchange of tokens for
establishing trust among communicating parties, including Kerberos
tickets and X.509 certificates. WS-SecurityPolicy provides a vehicle for
expressing policy assertions.
Globus Toolkit
The Globus Alliance has provided several releases of a toolkit for
developing grid software. Globus Toolkit 4.0 provides an authorization
framework, message-level security and transport-level security. To
protect the security of SOAP messages, GT4 provides an implementation of
the WS-Security standard and the WS-SecureConversation specification.
The authorization and authentication tools are suitable for use
with or without web services frameworks. Globus provides Java classes
and libraries that support certificate-based authentication. It also
provides components for access controls and managing credentials.