LinuxHPC.org/Cluster Builder 1.3
Grid Security Infrastructure
Grid Security Infrastructure
By LinuxHPC.org and Cluster Resources
| Grid Security Infrastructure |
|
Grid Security Infrastructure is a specification for secret, tamper-proof, delegatable communication between software in the grid computing environment. Secure, authenticatable communication is enabled using a asymmetric encryption.
Authentication
Authentication is performed using digital signature technology (see digital signatures for an explanation of how this works); secure authentication allows resources to lock data to only those who should have access to it.
Delegation
Authentication introduces a problem: often a service will have to retrive data from a resource independent of the user; in order to do this, it must be supplied with the appropriate privileges. GSI allows for the creation of delegated privileges: a new key is created, marked as a delegated and signed by the user; it is then possible for a service to act on behalf of the user to fetch data from the resource.
All text used in this article is available under the GNU Free Documentation License. It uses material from the Wikipedia article "Grid Security Infrastructure".