Grid Security Infrastructure

The Grid Security Infrastructure (GSI), formerly called the Globus Security Infrastructure, is a specification for secret, tamper-proof, delegatable communication between software in a grid computing environment. Secure, authenticatable communication is enabled using asymmetric encryption.

Authentication

Authentication is performed using digital signature technology (see digital signatures for an explanation of how this works); secure authentication allows resources to lock data to only those who should have access to it.

Delegation

Authentication introduces a problem: often a service will have to retrieve data from a resource independent of the user; in order to do this, it must be supplied with the appropriate privileges. GSI allows for the creation of delegated privileges: a new key is created, marked as a delegated and signed by the user; it is then possible for a service to act on behalf of the user to fetch data from the resource.

Security Mechanisms

Communications may be secured using a combination of methods:

gollark: Is it *really* software if it isn't GPU-accelerated?
gollark: To mitigate this, osmarks.net servers use IPoAC instead of vulnerable Ethernet NICs.
gollark: I read a great thingy on using a combination of CUDA code loaded onto a GPU and patched NIC firmware to implement a near-invisible backdoor.
gollark: No, I mean you could write your webserver as a CUDA program with some glue code, I'm pretty sure it's turing-complete.
gollark: I see.

References
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.