elib
DLR-Header
DLR-Logo -> http://www.dlr.de
DLR Portal Home | Impressum | Kontakt | English
Schriftgröße: [-] Text [+]

Design and Implementation of a Security Gateway for Grid Services

Gude, Roland (2005) Design and Implementation of a Security Gateway for Grid Services. Bachelorarbeit, Fachhochschule Bonn-Rhein-Sieg.

[img]
Vorschau
PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
1MB

Kurzfassung

Grid services will form the base for future computational Grids. Web Services, have been extended to build Grid services. Grid Services are dened in the Open Grid Service Architecture (OGSA). The Globus Alliance has released a Web Service Resource Framework, which is still under development and which is still missing vital parts. One of them is a Concept that allows Grid-Service Requests to securely traverse Firewalls, and its realization. This Thesis aims at the development and realization of a detailed Concept for an Application Level Gateway for Grid services, based on an existing rough concept. This approach should enable a strict division between a local network and the Internet. The internet is considered as a untrusted site and the local network is considered as a trusted site. Grid resources are placed in the internet as well as in the local network. This means that the possibility to communicate through a Firewall is essential. Some further protocols like Grid Resource Allocation and Management (GRAM) and the Grid File Transfer Protocol (GridFTP) must be able to traverse the network borders securely as well, while no further actions must be taken from the user side. The German Federal Oce for Information Security (BSI) proposes a Firewall - Application Level Gateway (ALG) - Firewall solution to the German Aerospace Center (DLR) where this Thesis is written, as a principle approach. In this approach, the local network is divided from the Internet with two rewalls. Between those rewalls is a demilitarized zone (DMZ), where computers may be placed, which can be accessed from the Internet and from the local network. An ALG which is placed in this DMZ should represent the local Grid nodes to the Internet and it should act as a client to the local nodes. All Grid service requests must be directed to the ALG instead of the protected Grid nodes. The ALG then checks and validates the requests on the application level (OSI layer 7). Requests that pose no security threat and fulll certain criteria will then be forwarded to the local Grid nodes. The responses from the local Grid nodes are checked and validated by the ALG as well.

Dokumentart:Hochschulschrift (Bachelorarbeit)
Titel:Design and Implementation of a Security Gateway for Grid Services
Autoren:
AutorenInstitution oder E-Mail-Adresse der Autoren
Gude, RolandNICHT SPEZIFIZIERT
Datum:2005
Seitenanzahl:55
Status:nicht veröffentlicht
Stichwörter:Grid Computing, Grid Security, Globus Toolkit
Institution:Fachhochschule Bonn-Rhein-Sieg
Abteilung:Informatik
HGF - Forschungsbereich:Verkehr und Weltraum (alt)
HGF - Programm:Weltraum (alt)
HGF - Programmthema:W SY - Technik für Raumfahrtsysteme
DLR - Schwerpunkt:Weltraum
DLR - Forschungsgebiet:W SY - Technik für Raumfahrtsysteme
DLR - Teilgebiet (Projekt, Vorhaben):W - Vorhaben SISTEC (alt)
Standort: Köln-Porz
Institute & Einrichtungen:Institut für Simulations- und Softwaretechnik > Verteilte Systeme und Komponentensoftware
Hinterlegt von: Andreas Schreiber
Hinterlegt am:02 Mär 2009
Letzte Änderung:12 Dez 2013 20:08

Nur für Mitarbeiter des Archivs: Kontrollseite des Eintrags

Blättern
Suchen
Hilfe & Kontakt
Informationen
electronic library verwendet EPrints 3.3.12
Copyright © 2008-2013 Deutsches Zentrum für Luft- und Raumfahrt (DLR). Alle Rechte vorbehalten.