Security underpins Grids and e-Research. Without a robust, reliable and simple Grid security infrastructure combined with commonly accepted security practices, large portions of the research community and wider industry will not engage. The predominant way in which security is currently addressed in the Grid community is through Public Key Infrastructures (PKI) based upon X.509 certificates to support authentication. Whilst PKIs address user identity issues, authentication does not provide fine grained control over what users are allowed to do on remote resources (authorization). In this paper we outline how we have successfully combined Shibboleth and advanced authorization technologies to provide simplified (from the user perspective) but fine grained security for access to and usage of Grid resources. We demonstrate this approach through different security focused e-Science projects being conducted at the National e-Science Centre (NeSC) at the University of Glasgow. We believe that...
Richard O. Sinnott, Jipu Jiang, J. P. Watt, Oluwaf