Software Links
Getting Started
- Doc Structure
- A Globus Primer
- Globus Is Modular!
- Quickstart
- Installing GT
- Platform Notes
- GT Developer's Guide
- GT User's Guide (coming soon)
- Migrating from GT2
- Migrating from GT3
Reference
- Best Practices
- Coding Guidelines
- API docs
- Public Interfaces (coming soon)
- Resource Properties
- Samples
- Glossary
- Performance Studies (coming soon)
Manuals
Common Runtime
Security
- Non-WS (General) Security
- WS Java Security
- Message-level
- Authz Framework
- CAS
- Delegation Service
- MyProxy
- GSI-OpenSSH
- SimpleCA
- SGAS
Data Mgt
MDS4
Execution Mgt
Security tools are concerned with establishing the identity of users or services (authentication), protecting communications (message protection), and determining who is allowed to perform what actions (authorization). It also includes supporting functions such as managing user credentials and maintaining group membership information.
GT4 provides distinct WS and non-WS authentication and authorization capabilities. Both build on the same base, namely standard X.509 end entity certificates and proxy certificates, which are used to identify persistent entities such as users and servers and to support the temporary delegation of privileges to other entities.
For more information about the security concepts behind GT4, see Security: Key Concepts.
C WS Authorization & Authorization (coming soon)
Managing Credentials:
Utilities:
GridShib (coming soon)
| If you want to: | see: |
|---|---|
| install and configure basic Grid Security | Basic Security Configuration and GT 4.1.3 Quickstart |
| obtain certificates | Obtaining host certificates |
| set the env var for gridmap files | Section 2, “Gridmap file” [need a more complete section on gridmap] |
| use firewalls with GSI | Firewall HowTo |
| compare features between Java and C WS security code | Security Features |
| learn about the types of proxy certificates used in GT | Proxy Cert Types |
| use secure single-signon | FIXME |
| manage proxy certificates, use security for non-WS components | Pre-WS Authentication and Authorization |
| use security for WS components (in Java) | Java WS Security |
| use secure messages for WS components (in Java) | Message & Transport Level Security |
| use the underlying framework for WS Authentication and Authorization (in Java) | Authorization Framework |
| use security for WS components (in C) | WS C Security (coming soon) |
| delegate credentials for web services | Delegation Service |
| manage fine-grained authorization within a community | Community Authorization Service (CAS) |
| manage credentials by storing proxies in a repository | MyProxy |
| use a very simple Certificate Authority (CA) for testing purposes | SimpleCA |
| use a single-signon remote login | GSI-OpenSSH |