Computing and Information Systems - Research Publications

Permanent URI for this collection

http://hdl.handle.net/11343/350

Filters

Reset filters

Settings
Statistics
Citations
Author: Sinnott, Richard × End date: 2006 ×

Search Results

Now showing 1 - 10 of 48
  • Item
    Thumbnail Image
    Grid security: practices, middleware, and outlook
    SINNOTT, RICHARD (National e-Science Centre, 2005)
    Middleware, Practices and Outlook report was funded by JISC to explore the landscape of Grid security. The report summarises experiences of existing Grid middleware and practices today including Public Key Infrastructures and their limitations. A review of advanced authorisation technologies and developments within the Internet2 community are also explored with regard to their potential impact upon Grid based e-Research.
  • Item
    Thumbnail Image
    Distributed BLAST in a grid computing context
    Bayer, Micha ; SINNOTT, RICHARD (Springer, 2005)
    The Basic Local Alignment Search Tool (BLAST) is one of the best known sequence comparison programs available in bioinformatics. It is used to compare query sequences to a set of target sequences, with the intention of finding similar sequences in the target set. Here, we present a distributed BLAST service which operates over a set of heterogeneous Grid resources and is made available through a Globus toolkit v.3 Grid service. This work has been carried out in the context of the BRIDGES project, a UK e-Science project aimed at providing a Grid based environment for biomedical research. Input consisting of multiple query sequences is partitioned into sub-jobs on the basis of the number of idle compute nodes available and then processed on these in batches. To achieve this, we have implemented our own Java-based scheduler which distributes sub-jobs across an array of resources utilizing a variety of local job scheduling systems.
  • Item
    Thumbnail Image
    A Shibboleth-protected privilege management infrastructure for e-science education
    Watt, J. ; Ajayi, O. ; Jiang, J. ; Koetsier, J. ; Sinnott, R. O. (IEEE Computer Society, 2006)
    Simplifying access to and usage of large scale compute resources via the grid is of critical importance to encourage the uptake of e-research. Security is one aspect that needs to be made as simple as possible for end users. The ESP-Grid and DyVOSE projects at the National e-Science Centre (NeSC) at the University of Glasgow are investigating security technologies which will make the end-user experience of using the grid easier and more secure. In this paper, we outline how simplified (from the user experience) authentication and authorization of users are achieved through single usernames and passwords at users' home institutions. This infrastructure, which will be applied in the second year of the grid computing module part of the advanced MSc in Computing Science at the University of Glasgow, combines grid portal technology, the Internet2 Shibboleth Federated Access Control infrastructure, and the PERMS role-based access control technology. Through this infrastructure inter-institutional teaching can be supported where secure access to federated resources is made possible between sites. A key aspect of the work we describe here is the ability to support dynamic delegation of authority whereby local/remote administrators are able to dynamically assign meaningful privileges to remote/local users respectively in a trusted manner thus allowing for the dynamic establishment of virtual organizations with fine grained security at their heart.
  • Item
    Thumbnail Image
    Secure federated data retrieval in clinical trials
    Stell, A ; Sinnott, R ; Ajayi, O ; Pinciroli, F (ACTA PRESS ANAHEIM, 2006)
  • Item
    Thumbnail Image
    Development of grid frameworks for clinical trials and epidemiological studies
    SINNOTT, RICHARD ; STELL, ANTHONY ; Ajayi, Oluwafemi (IOS Press, 2006)
    E-Health initiatives such as electronic clinical trials and epidemiological studies require access to and usage of a range of both clinical and other data sets. Such data sets are typically only available over many heterogeneous domains where a plethora of often legacy based or in-house/bespoke IT solutions exist. Considerable efforts and investments are being made across the UK to upgrade the IT infrastructures across the National Health Service (NHS) such as the National Program for IT in the NHS (NPFIT) [1]. However, it is the case that currently independent and largely non-interoperable IT solutions exist across hospitals, trusts, disease registries and GP practices – this includes security as well as more general compute and data infrastructures. Grid technology allows issues of distribution and heterogeneity to be overcome, however the clinical trials domain places special demands on security and data which hitherto the Grid community have not satisfactorily addressed. These challenges are often common across many studies and trials hence the development of a re-usable framework for creation and subsequent management of such infrastructures is highly desirable. In this paper we present the challenges in developing such a framework and outline initial scenarios and prototypes developed within the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project [2].
  • Item
    Thumbnail Image
    Shibboleth-based access to and usage of grid resources
    Sinnott, R. O. ; Jiang, J. ; Watt, O. ; Ajayi, O. (IEEE, 2006)
    Security underpins grids and e-research. Without a robust, reliable and simple grid security infrastructure combined with commonly accepted security practices, large portions of the research community and wider industry will not engage. The predominant way in which security is currently addressed in the grid community is through public key infrastructures (PKI) based upon X.509 certificates to support authentication. Whilst PKIs address user identity issues, authentication does not provide fine grained control over what users are allowed to do on remote resources (authorization). In this paper we outline how we have successfully combined Shibboleth and advanced authorization technologies to provide simplified (from the user perspective) but fine grained security for access to and usage of grid resources. We demonstrate this approach through different security focused e-science projects being conducted at the National e-Science Centre (NeSC) at the University of Glasgow. We believe that this model is widely applicable and encourage the further uptake of e-science by non-IT specialists in the research communities.
  • Item
    Thumbnail Image
    Supporting decentralized, security focused dynamic virtual organizations across the grid
    Sinnott, RO ; Chadwick, DW ; Koetsier, J ; Otenko, O ; Watt, J ; Nguyen, TA (IEEE, 2006-12-01)
  • Item
    Thumbnail Image
    Grid infrastructures for secure access to and use of bioinformatics data: experiences from the BRIDGES project
    Sinnott, R. ; Bayer, M. ; Stell, A. ; Koetsier, J. (IEEE Computer Society, 2006)
    The BRIDGES project was funded by the UK Department of Trade and Industry (DTI) to address the needs of cardiovascular research scientists investigating the genetic causes of hypertension as part of the Wellcome Trust funded (£4.34M) cardiovascular functional genomics (CFG) project. Security was at the heart of the BRIDGES project and an advanced data and compute grid infrastructure incorporating latest grid authorisation technologies was developed and delivered to the scientists. We outline these grid infrastructures and describe the perceived security requirements at the project start including data classifications and how these evolved throughout the lifetime of the project. The uptake and adoption of the project results are also presented along with the challenges that must be overcome to support the secure exchange of life science data sets. We also present how we will use the BRIDGES experiences in future projects at the National e-Science Centre.
  • Item
    Thumbnail Image
    Controlling the chaos: developing post-genomic grid infrastructures
    SINNOTT, RICHARD ; Bayer, Micha ; Arzberger, Peter (World Scientific, 2006)
    "Why does Scotland have one of the highest rates of heart attacks in Europe? Are there genetic factors which contribute to this statistic?" The analysis and exploration of a broad array of life science data sets are needed to answer such questions. The Grid provides, at least conceptually, one way in which these kinds of data sets can be linked and analysed. The life science domain places specific requirements on the Grid infrastructure needed to answer such questions. In this paper we describe these requirements and outline how they are being addressed in the BRIDGES project.
  • Item
    Thumbnail Image
    Single sign-on and authorization for dynamic virtual organizations
    Sinnott, R. O. ; Ajayi, O. ; Stell, A. J. ; Watt, J. ; JIANG, J. (Springer, 2006)
    The vision of the Grid is to support the dynamic establishment and subsequent management of virtual organizations (VO). To achieve this presents many challenges for the Grid community with perhaps the greatest one being security. Whilst Public Key Infrastructures (PKI) provide a form of single sign-on through recognition of trusted certification authorities, they have numerous limitations. The Internet2 Shibboleth architecture and protocols provide an enabling technology overcoming some of the issues with PKIs however Shibboleth too suffers from various limitations that make its application for dynamic VO establishment and management difficult. In this paper we explore the limitations of PKIs and Shibboleth and present an infrastructure that incorporates single sign-on with advanced authorization of federated security infrastructures and yet is seamless and targeted to the needs of end users. We explore this infrastructure through an educational case study at the National e-Science Centre (NeSC) at the University of Glasgow and Edinburgh.