Grid Access Toolkit for MS Windows Daniel Kouil

  • Slides: 10
Download presentation
Grid Access Toolkit for MS Windows Daniel Kouřil CESNET, kouril@ics. muni. cz MWSG meeting,

Grid Access Toolkit for MS Windows Daniel Kouřil CESNET, kouril@ics. muni. cz MWSG meeting, Jun 12 -13 2007

Motivation n Ease access to Grid facilities and provide a SSO solution Not aiming

Motivation n Ease access to Grid facilities and provide a SSO solution Not aiming at a complex desktop grid solution Focusing on the g. Lite model n n A simple package that can be easily installed Smart card support Intergration with standard Windows environment n n UI machines accessed using SSH don‘t care about Unix or Mac. OS users at the moment (Kerberos interoperability)

Main obstacles identified n n Proxy management Lack of real SSO solution n either

Main obstacles identified n n Proxy management Lack of real SSO solution n either cumbersome or even unsecure GUI not available CA root certificates management n CRL updates

Goals n GUI to proxy certificates management n n with VOMS support GSI enabled

Goals n GUI to proxy certificates management n n with VOMS support GSI enabled ssh and scp clients Use as much as possible standard tools Real SSO mechanism n users explicitely log in to the grid from their desktop just once a day

Current status n n Command-line commands to generate proxy certificates A beta version of

Current status n n Command-line commands to generate proxy certificates A beta version of GUI to maintain proxies n n n create/destroy proxy certificates support for smart cards and MS Windows Cert. Store GSI enabled Pu. TTY and Win. SCP n n authentication using GSI credential delegation

GUI

GUI

Pu. TTY & Win. SCP

Pu. TTY & Win. SCP

Components n Globus n n n GSSAPI libraries ported to Win 32 patch not

Components n Globus n n n GSSAPI libraries ported to Win 32 patch not comunicated yet VOMS n n n client part ported to Win 32 voms-proxy-init, voms-proxy-info commands available for Win 32 patch being discussed with Vincenzo re-actived support for PKCS 11 added support for MS Cert. Store n no need to store certificates in files

Components n Network Identity Manager n n n Plugin for Net. Id. Mgr to

Components n Network Identity Manager n n n Plugin for Net. Id. Mgr to maintain proxy certificates n n n a modular framework to maintain credentials developed by the Kerberos community plugins for Kerberos 5, Kerberos 4, AFS, k. CA open source solution (MIT license) based on VOMS libraries currently tied with Kerberos identity Pu. TTy and Win. SCP n n a third-party patch neccessary for GSSAPI support originaly meant for Kerberos works with Globus as well

Resources n http: //egee. cesnet. cz/mediawiki/index. p hp/VOMS_on_MS_Windows n n contains a zip archive

Resources n http: //egee. cesnet. cz/mediawiki/index. p hp/VOMS_on_MS_Windows n n contains a zip archive with the voms tools and ssh clients http: //egee. cesnet. cz/mediawiki/index. p hp/Proxy_Management_Using_the_Net work_Identity_Provider n under development

Windows Windows Windows XP Windows Vista Windows 7Windows Windows Windows XP Windows Vista Windows 7
Windows Windows 951995 Windows 981996 Windows 20002000 WindowsWindows Windows 951995 Windows 981996 Windows 20002000 Windows
Access Grid Toolkit 2 0 The Access GridAccess Grid Toolkit 2 0 The Access Grid
Windows Access Control Access Control Windows access controlWindows Access Control Access Control Windows access control
Windows Access Control Access Control Windows access controlWindows Access Control Access Control Windows access control
Windows Access Control Access Control Windows access controlWindows Access Control Access Control Windows access control
Windows Performance Lifecycle Windows Internals Windows Performance ToolkitWindows Performance Lifecycle Windows Internals Windows Performance Toolkit
Bezpenost Michal Prochzka Daniel Kouil Pro bezpenost ZamezenBezpenost Michal Prochzka Daniel Kouil Pro bezpenost Zamezen
Security modules for Apache Daniel Kouil Matej PrikSecurity modules for Apache Daniel Kouil Matej Prik