OSU Department of Biomedical Informatics

GAARDS

The GAARDS infrastructure provides services and tools for the administration and enforcement of security policy in an enterprise Grid. Figure 1 illustrates the infrastructure.

GAARDS Infratstructure

Figure 1: The GAARDS Infrastructure

GAARDS is developed on top of the Globus Toolkit and extends its GSI component to provide enterprise services and administrative tools for:

  1. Grid user management
  2. identity federation
  3. trust management
  4. group/VO management
  5. Access Control Policy management and enforcement
  6. Integration between existing security domains and the Grid security domain.

GAARDS services can be used individually or in concert to meet the authentication and authorization needs. Below is a list of some of the core services provided by GAARDS:

  • Dorian A Grid service for the provisioning and management of Grid users accounts. Dorian provides an integration point between external security domains and the Grid, allowing accounts managed in external domains to be federated and managed in the Grid. It allows users to use their existing credentials (which may be external to the Grid) to authenticate to the Grid.
  • Grid Trust Service (GTS) GTS is a Grid-wide mechanism for maintaining and provisioning a federated trust fabric consisting of trusted certificate authorities, allowing Grid services to make authentication decisions against the most recent information.
  • Grid Grouper Provides a group-based authorization solution for the Grid. Grid services and applications enforce authorization policy based on membership to Grid-level groups.
  • Authentication Service Provides a framework for issuing SAML assertions for existing credential providers so they may easily integrate with Dorian and other Grid credential providers. The authentication service also provides a uniform authentication interface upon which applications can be built.

For more information on GAARDS please visit cagrid.org.

Software Downloads

GAARDS Software can be downloaded here.

Project Researchers

David Ervin
Shannon Hastings, M.S.
Stephen Langella, M.S.
Scott Oster, M.S.
Justin Permar

Project Publications

Publications

Scott Oster, Shannon L. Hastings, Stephen Langella, David W. Ervin, Ravi Madduri, Tahsin M. Kurc, Frank Siebenlist, Ian Foster, Krishnakant Shanbhag, Peter A. Covitz, Joel H. Saltz, "caGrid 1.0: A Grid Enterprise Architecture for Cancer Research", Proceedings of the 2007 AMIA Annual Symposium, 2007: pp. 573-577.

Stephen Langella, Scott Oster, Shannon L. Hastings, Frank Siebenlist, Tahsin M. Kurc, Joel H. Saltz, "Dorian: Grid Service Infrastructure for Identity Management and Federation", The 19th IEEE Symposium on Computer-Based Medical Systems, 2006: pp. 756-761.

Presentations

Scott Oster, "caGrid 1.1 Overview", Washington, D.C., Presented: 2007-08-07

Scott Oster, "caGrid 2.0 Planning", Washington, D.C., Presented: 2007-08-07

Scott Oster, "Current caGrid 1.0 Feature Highlights", caBIG Architecture/VCDE Joint Face to Face meeting, Washington, D.C., Presented: 2007-08-06

Scott Oster, Shannon L. Hastings, "caGrid 1.1 Demos and Training", Washington, D.C., Presented: 2007-08-06

Scott Oster, "caGrid Future Direction Planning", Washington, D.C., Presented: 2007-08-06

Scott Oster, "Keynote Address: The Cancer Biomedical Informatics Grid: Connecting the Cancer Research Community", Challenges of Large Applications in Distributed Environments (CLADE) 2007, HPDC Workshop, Monterey, California, Presented: 2007-06-25

Shannon L. Hastings, David W. Ervin, Stephen Langella, Scott Oster, "caBIG Developer Bootcamp", caBIG Developer Bootcamp, Rockville, MD, Presented: 2007-04-17

Stephen Langella, Shannon L. Hastings, Scott Oster, David W. Ervin, "Advanced Topics in Developing caBIG Grid Services (HANDS ON)", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-06

Stephen Langella, Scott Oster, Shannon L. Hastings, "caGrid 1.0 Security Infrastructure and Policy", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-05

Scott Oster, Shannon L. Hastings, Stephen Langella, David W. Ervin, Tahsin M. Kurc, Joel H. Saltz, "caGrid 1.0 Overview (poster)", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-05

Stephen Langella, Scott Oster, Shannon L. Hastings, David W. Ervin, Tahsin M. Kurc, Joel H. Saltz, "caGrid 1.0 Security Infrastructure (poster)", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-05

Stephen Langella, "Building on Distributed Access Management from a caBIG Perspective", Building a Distributed Access Management Infrastructure, Denver, Colorado, Presented: 2006-11-09

Stephen Langella, "Distributed Group and Privilege Management in caBIG", Building a Distributed Access Management Infrastructure, Denver, Colorado, Presented: 2006-11-07

Stephen Langella, "caGrid 1.0 Security Infrastructure", Grid World 2006, Washington DC, Presented: 2006-09-14

Stephen Langella, "Grid Trust Service (GTS) Overview and Design", Identity Management and Federation Working Group Meeting, Presented: 2006-05-02

Stephen Langella, "Dorian Grid Identity Management and Federation", Dialogue Workshop II, Edinburgh, Scotland, Presented: 2006-02-10
[edit this page]