By Topic

Evaluating Grid Portal Security

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Vecchio, D.D. ; Dept. of Comput. Sci., Virginia Univ., Charlottesville, VA ; Hazlewood, V. ; Humphrey, M.

Grid portals are an increasingly popular mechanism for creating customizable, Web-based interfaces to grid services and resources. Due to the powerful, general-purpose nature of grid technology, the security of any portal or entry point to such resources cannot be taken lightly. This is particularly true if the portal is running inside of a trusted perimeter, such as a science gateway running on an SDSC machine for access to the TeraGrid. To evaluate the current state of grid portal security, we undertake a comparative analysis of the three most popular grid portal frameworks that are being pursued as frontends to the TeraGrid: GridSphere, OGCE and clarens. We explore general challenges that grid portals face in the areas of authentication (including user identification), authorization, auditing (logging) and session management then contrast how the different grid portal implementations address these challenges. We find that although most grid portals address these security concerns to a certain extent, there is still room for improvement, particularly in the areas of secure default configurations and comprehensive logging and auditing support. We conclude with specific recommendations for designing, implementing and configuring secure grid portals

Published in:

SC 2006 Conference, Proceedings of the ACM/IEEE

Date of Conference:

Nov. 2006