Trust on the Grid Goes Global
The creation of an international Grid federation will help scientists from around the world access computers and information in over 50 countries and regions simply, securely and easily. The International Grid Trust Federation (IGTF) was established at the Global Grid Forum meeting which took place in Boston last week, and will bring together organizations representing Asia, the Americas and Europe- from Canada to China and from Portugal to Pakistan. Members of the federation provide systems allowing each scientist to identify him- or herself to any Grid resource in the world with just a single online identity in the form of a digital certificate.
“The goal is to provide scientists from around the world with seamless access to all the resources on the Grid.” explained Dr Neil Geddes, Director of e-Science at the CCLRC (www.clrc.ac.uk) Rutherford Appleton Laboratory. “Reliably identifying grid users and their work is critical to the success of grid computing across the world. The formation of the IGTF is a huge step forward in agreeing mechanisms whereby users of one grid can seamlessly become users of all grids, thereby, unlocking the full potential of grid computing worldwide.”
IGTF is a federation of three so-called Policy Management Authorities, one covering the EU and beyond (www.eugridpma.org), one for the Americas (www.tagpma.org), and one for Asia-Pacific (www.apgridpma.org). Individual members are national certification authorities who issue digital certificates to scientists to enable them to use the Grid, international Grid collaborations who rely on the authorities for authenticating their scientists, and major infrastructure providers who rely on certificates for protecting their resources. These resources include over 40,000 computer processors and several petabytes of storage - equivalent to millions of DVDs. The federation today has 61 members and covers 50 countries and regions.
The UK has been at the forefront of efforts to build international trust among Grids, with early steps towards the formation of IGTF led by Dr David Kelsey of CCLRC Rutherford Appleton Laboratory. “The new federation builds on the strong foundations laid by the European Grid Policy Management Authority, which established the common baseline for identity providers to be considered trustworthy by an increasing number of resource and service providers” explained Dr Kelsey, who was founder and chairman of the European group from 2000 to 2003. “These same guidelines were also adopted by the Asian and Americas Grid Policy Management Authorities, who are now enriching the federation with innovative services for quickly bootstrapping new centres via integration of the Grid with the scientists’ home organisations”.
The UK is represented in the IGTF by the UK e-Science certification authority. It is run by Grid Operations Support Centre staff from CCLRC, and with over 2000 “live” certificates, it is now the second largest Grid certification authority in the world. The certification authority manager Dr Jens Jensen, who represents the UK on the IETF, said: “This is a formalisation of years of fruitful collaborations. As we help more countries and organisations to join, Grid users and e-Scientists worldwide will benefit.” The UK certification authority issues certificates to e-Science projects (www.rcuk.ac.uk/escience) in the UK, covering disciplines from physics to biomedical, from engineering to chemistry and crystallography, from oceanography to atmospheric sciences.
The UK Grid for particle physics, GridPP (www.gridpp.ac.uk), is the collaboration of UK scientists and institutions participating in the Large Hadron Collider (www.cern.ch) Computing Grid (lcg.web.cern.ch/LCG) and other international high energy physics collaborations. GridPP has been very active in international Grid collaborations from the outset, and Dr Andrew Sansum from CCLRC was responsible for the GridPP UKHEP certification authority, the forerunner to the current e-Science certification authority. It was one of six founder members of what is now known as the EU Grid PMA. GridPP is now more active in Grids than ever, pushing boundaries internationally. Professor Tony Doyle from the University of Glasgow, project leader of GridPP, said: “"As one of the major customers of the UK e-Science CA, GridPP is particularly pleased that International trust relationships have been formalised. This enables us to work with others on a worldwide grid, confident that other users are identified to the same standards of authentication as the UK e-Science CA.”
The UK National Grid Service (www.ngs.ac.uk) provides Grid resources for scientists participating in e-Science projects. Scientists using the NGS benefit from the trust collaboration, because many UK scientists collaborate widely internationally, or are based in other countries. The NGS coordinator, Dr Andrew Richards from CCLRC, said: “Many of our users collaborate across international boundaries and having a global federation, overseeing and pushing forward the agenda for secure authentication across grids worldwide is a major step forward.” For example, the NGS collaborates with the US TeraGrid project (www.teragrid.org), and EU e-Infrastructure projects such as Enabling Grids for e-Science (www.eu-egee.org), and the Distributed European Infrastructure for Supercomputing Applications (www.deisa.org).
Tony Genovese from the US Lawrence Berkeley National Laboratory says: “By establishing IGTF, we are seeing the fruition of a the first steps ESnet and the European Grid took back in February 2002 when a researcher at Fermilab used an authenticating certificate created by ESnet to successfully transfer files to Imperial College and Lancaster University in the U.K. We did this as part of the pilot for the Particle Physics Data Grid. Once the British sites and Fermilab recognized and accepted each other’s certificates, the data transfer went smoothly”.
Jacky Hutchinson | alfa