Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations.” The dynamic and multi-institutional nature of these environments introduces challenging security issues that demand new technical approaches. In particular, one must deal with diverse local mechanisms, support dynamic creation of services, and enable dynamic creation of trust domains. We describe how these issues are addressed in two generations of the Globus Toolkit®. First, we review the Globus Toolkit version 2 (GT2) approach; then, we describe new approaches developed to support the Globus Toolkit version 3 (GT3) implementation of the Open Grid Services Architecture, an initiative that is recasting Grid concepts within a serviceoriented framework based on Web services. GT3’s security implementation uses Web services security mechanisms for credential exchange and other purposes, and introduces a tight leastprivilege model that avoids the need for ...
Von Welch, Frank Siebenlist, Ian T. Foster, John B