- Computing and Information Systems - Research Publications
Computing and Information Systems - Research Publications
Permanent URI for this collection
48 results
Filters
Reset filtersSettings
Statistics
Citations
Search Results
Now showing
1 - 10 of 48
-
ItemGrid security: practices, middleware, and outlookSINNOTT, RICHARD (National e-Science Centre, 2005)Middleware, Practices and Outlook report was funded by JISC to explore the landscape of Grid security. The report summarises experiences of existing Grid middleware and practices today including Public Key Infrastructures and their limitations. A review of advanced authorisation technologies and developments within the Internet2 community are also explored with regard to their potential impact upon Grid based e-Research.
-
ItemDistributed BLAST in a grid computing contextBayer, Micha ; SINNOTT, RICHARD (Springer, 2005)The Basic Local Alignment Search Tool (BLAST) is one of the best known sequence comparison programs available in bioinformatics. It is used to compare query sequences to a set of target sequences, with the intention of finding similar sequences in the target set. Here, we present a distributed BLAST service which operates over a set of heterogeneous Grid resources and is made available through a Globus toolkit v.3 Grid service. This work has been carried out in the context of the BRIDGES project, a UK e-Science project aimed at providing a Grid based environment for biomedical research. Input consisting of multiple query sequences is partitioned into sub-jobs on the basis of the number of idle compute nodes available and then processed on these in batches. To achieve this, we have implemented our own Java-based scheduler which distributes sub-jobs across an array of resources utilizing a variety of local job scheduling systems.
-
ItemA Shibboleth-protected privilege management infrastructure for e-science educationWatt, J. ; Ajayi, O. ; Jiang, J. ; Koetsier, J. ; Sinnott, R. O. (IEEE Computer Society, 2006)Simplifying access to and usage of large scale compute resources via the grid is of critical importance to encourage the uptake of e-research. Security is one aspect that needs to be made as simple as possible for end users. The ESP-Grid and DyVOSE projects at the National e-Science Centre (NeSC) at the University of Glasgow are investigating security technologies which will make the end-user experience of using the grid easier and more secure. In this paper, we outline how simplified (from the user experience) authentication and authorization of users are achieved through single usernames and passwords at users' home institutions. This infrastructure, which will be applied in the second year of the grid computing module part of the advanced MSc in Computing Science at the University of Glasgow, combines grid portal technology, the Internet2 Shibboleth Federated Access Control infrastructure, and the PERMS role-based access control technology. Through this infrastructure inter-institutional teaching can be supported where secure access to federated resources is made possible between sites. A key aspect of the work we describe here is the ability to support dynamic delegation of authority whereby local/remote administrators are able to dynamically assign meaningful privileges to remote/local users respectively in a trusted manner thus allowing for the dynamic establishment of virtual organizations with fine grained security at their heart.
-
ItemSecure federated data retrieval in clinical trialsStell, A ; Sinnott, R ; Ajayi, O ; Pinciroli, F (ACTA PRESS ANAHEIM, 2006)
-
ItemDevelopment of grid frameworks for clinical trials and epidemiological studiesSINNOTT, RICHARD ; STELL, ANTHONY ; Ajayi, Oluwafemi (IOS Press, 2006)E-Health initiatives such as electronic clinical trials and epidemiological studies require access to and usage of a range of both clinical and other data sets. Such data sets are typically only available over many heterogeneous domains where a plethora of often legacy based or in-house/bespoke IT solutions exist. Considerable efforts and investments are being made across the UK to upgrade the IT infrastructures across the National Health Service (NHS) such as the National Program for IT in the NHS (NPFIT) [1]. However, it is the case that currently independent and largely non-interoperable IT solutions exist across hospitals, trusts, disease registries and GP practices – this includes security as well as more general compute and data infrastructures. Grid technology allows issues of distribution and heterogeneity to be overcome, however the clinical trials domain places special demands on security and data which hitherto the Grid community have not satisfactorily addressed. These challenges are often common across many studies and trials hence the development of a re-usable framework for creation and subsequent management of such infrastructures is highly desirable. In this paper we present the challenges in developing such a framework and outline initial scenarios and prototypes developed within the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project [2].
-
ItemShibboleth-based access to and usage of grid resourcesSinnott, R. O. ; Jiang, J. ; Watt, O. ; Ajayi, O. (IEEE, 2006)Security underpins grids and e-research. Without a robust, reliable and simple grid security infrastructure combined with commonly accepted security practices, large portions of the research community and wider industry will not engage. The predominant way in which security is currently addressed in the grid community is through public key infrastructures (PKI) based upon X.509 certificates to support authentication. Whilst PKIs address user identity issues, authentication does not provide fine grained control over what users are allowed to do on remote resources (authorization). In this paper we outline how we have successfully combined Shibboleth and advanced authorization technologies to provide simplified (from the user perspective) but fine grained security for access to and usage of grid resources. We demonstrate this approach through different security focused e-science projects being conducted at the National e-Science Centre (NeSC) at the University of Glasgow. We believe that this model is widely applicable and encourage the further uptake of e-science by non-IT specialists in the research communities.
-
ItemSupporting decentralized, security focused dynamic virtual organizations across the gridSinnott, RO ; Chadwick, DW ; Koetsier, J ; Otenko, O ; Watt, J ; Nguyen, TA (IEEE, 2006-12-01)
-
ItemGrid infrastructures for secure access to and use of bioinformatics data: experiences from the BRIDGES projectSinnott, R. ; Bayer, M. ; Stell, A. ; Koetsier, J. (IEEE Computer Society, 2006)The BRIDGES project was funded by the UK Department of Trade and Industry (DTI) to address the needs of cardiovascular research scientists investigating the genetic causes of hypertension as part of the Wellcome Trust funded (£4.34M) cardiovascular functional genomics (CFG) project. Security was at the heart of the BRIDGES project and an advanced data and compute grid infrastructure incorporating latest grid authorisation technologies was developed and delivered to the scientists. We outline these grid infrastructures and describe the perceived security requirements at the project start including data classifications and how these evolved throughout the lifetime of the project. The uptake and adoption of the project results are also presented along with the challenges that must be overcome to support the secure exchange of life science data sets. We also present how we will use the BRIDGES experiences in future projects at the National e-Science Centre.
-
ItemControlling the chaos: developing post-genomic grid infrastructuresSINNOTT, RICHARD ; Bayer, Micha ; Arzberger, Peter (World Scientific, 2006)"Why does Scotland have one of the highest rates of heart attacks in Europe? Are there genetic factors which contribute to this statistic?" The analysis and exploration of a broad array of life science data sets are needed to answer such questions. The Grid provides, at least conceptually, one way in which these kinds of data sets can be linked and analysed. The life science domain places specific requirements on the Grid infrastructure needed to answer such questions. In this paper we describe these requirements and outline how they are being addressed in the BRIDGES project.
-
ItemSingle sign-on and authorization for dynamic virtual organizationsSinnott, R. O. ; Ajayi, O. ; Stell, A. J. ; Watt, J. ; JIANG, J. (Springer, 2006)The vision of the Grid is to support the dynamic establishment and subsequent management of virtual organizations (VO). To achieve this presents many challenges for the Grid community with perhaps the greatest one being security. Whilst Public Key Infrastructures (PKI) provide a form of single sign-on through recognition of trusted certification authorities, they have numerous limitations. The Internet2 Shibboleth architecture and protocols provide an enabling technology overcoming some of the issues with PKIs however Shibboleth too suffers from various limitations that make its application for dynamic VO establishment and management difficult. In this paper we explore the limitations of PKIs and Shibboleth and present an infrastructure that incorporates single sign-on with advanced authorization of federated security infrastructures and yet is seamless and targeted to the needs of end users. We explore this infrastructure through an educational case study at the National e-Science Centre (NeSC) at the University of Glasgow and Edinburgh.