A national-scale authentication infrastructure.
Today, individuals and institutions in science and industry are increasingly forming virtual organizations to pool resources and tackle a common goal. Participants in virtual organizations commonly need to share resources such as data archives, computer cycles, and networks - resources usually available only with restrictions based on the requested resource's nature and the user's identity. Thus, any sharing mechanism must have the ability to authenticate the user's identity and determine if the user is authorized to request the resource. Virtual organizations tend to be fluid, however, so authentication mechanisms must be flexible and lightweight, allowing administrators to quickly establish and change resource-sharing arrangements. However, because virtual organizations complement rather than replace existing institutions, sharing mechanisms cannot change local policies and must allow individual institutions to maintain control over their own resources. Our group has created and deployed an authentication and authorization infrastructure that meets these requirements: the Grid Security Infrastructure. GSI offers secure single sign-ons and preserves site control over access policies and local security. It provides its own versions of common applications, such as FTP and remote login, and a programming interface for creating secure applications.
- Research Organization:
- Argonne National Lab. (ANL), Argonne, IL (United States)
- Sponsoring Organization:
- USDOE Office of Science (SC); USDOD; National Science Foundation (NSF); National Aeronautics and Space Administration (NASA)
- DOE Contract Number:
- DE-AC02-06CH11357
- OSTI ID:
- 943137
- Report Number(s):
- ANL/MCS/JA-37792; TRN: US201002%%623
- Journal Information:
- IEEE Computer, Vol. 33, Issue 12 ; Dec. 2000
- Country of Publication:
- United States
- Language:
- ENGLISH
Similar Records
Enhancing the Earth System Grid Authentication Infrastructure through Single Sign-On and Autoprovisioning
Interoperable PKI Data Distribution in Computational Grids