Grid Web Services: Security in XSOAP and XCAT

Overview

The Grid Application Factory Service described in the previous section has some distinct security requirements. They can be classified, in increasing levels of security, as transport layer security, authorization, and delegation:

Transport Layer Security

Transport Layer Security (TLS, previously SSL) provides basic authentication of the server and, optionally, of the client. It is essential for the client to know that it is talking to the right server, and a similar identification step may be needed for the server to trust the client. SSL/TLS is the most pervasive underlying protocol. We use the Grid Security Infrastructure (GSI) [GSIRef] to provide the public key infrastructure. The Java CoG Kit [JavaCogRef], which uses IAIK's SSL implementation as the underlying protocol, provides the authentication. The underlying implementation can easily be replaced by a similar system such as Sun's JSSE [JSSERef].

XSOAP/Java uses the Java CoG Kit to process Globus user proxy certificates and then to manage secure connections with the server. The default mode of XSOAP with Globus grid proxies is a personal web service: when a web service is started using the CoG Java provider, it accepts only connections that use the same user proxy for client authentication as the one that started the service. We are also working on multi-user authentication. In this mode the server will trust a number of clients based on stored identity information.

Authorization

The next level of security is authorization of the client. Authorization means that different kinds of clients may be given different rights to the services. This is determined by policy information on the server side, or obtained from a Grid Authorization Service, together with the credentials the client presents on the connection. The policy information needs the flexibility to describe individuals, groups of people, and the types of access allowed. Since X.509 certificates are passed as credentials during the authentication process, the Distinguished Names in the certificates can be used to identify the client. When the credential is a GSI proxy certificate, the identity used for the policy lookup is the Distinguished Name of the user's own certificate, not the subject of the proxy, which carries additional proxy components.

Delegation

Sometimes a service needs to access another service to satisfy a user's request. The user may delegate his or her credentials to the server, which the service can then use to access other services on the user's behalf. To provide this functionality we use the GSI delegation capability: the client signs a new, short-lived proxy certificate for a key pair generated on the server side, so the user's long-term private key never leaves the client.
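The identity, authorization and delegation checks described in the three sections above, as one added Python example that is not XSOAP or XCAT code. It models the naming rule of legacy Globus proxies (a proxy's subject is its issuer's subject plus a CN=proxy or CN=limited proxy component, and the user's identity is the subject with those trailing components stripped) and applies it to a personal web service policy, a stored DN and group policy, and a delegation chain. All DNs, certificates, policy entries and chains are constructed for the example; signature verification is assumed to have been done already by the TLS layer, and the rule that a limited proxy may not start new jobs is the Globus gatekeeper convention adopted here as a policy choice.

```python
"""Added illustration (not XSOAP/XCAT code): GSI-style identity extraction,
the personal web service check, DN/group authorization and delegation-chain
validation on constructed certificates."""
from dataclasses import dataclass
from datetime import datetime, timedelta

# Legacy Globus proxies append one of these RDNs to the issuer's subject.
PROXY_RDNS = ("CN=proxy", "CN=limited proxy")


def split_dn(dn):
    """Split a Globus-style '/O=Grid/CN=Jane Doe' DN into its RDN strings."""
    return [rdn for rdn in dn.split("/") if rdn]


def identity_of(subject):
    """Strip trailing proxy RDNs: every proxy maps back to the user's own DN."""
    rdns = split_dn(subject)
    while rdns and rdns[-1] in PROXY_RDNS:
        rdns.pop()
    return "/" + "/".join(rdns)


@dataclass
class Cert:
    """Only the fields the checks need; signatures are assumed verified
    already by the TLS layer (IAIK SSL or JSSE under XSOAP)."""
    subject: str
    issuer: str
    not_before: datetime
    not_after: datetime


def validate_chain(chain, now):
    """Check a delegation chain [user cert, proxy, proxy, ...].
    Returns (identity DN, limited) or raises ValueError."""
    if not chain:
        raise ValueError("empty chain")
    if any(rdn in PROXY_RDNS for rdn in split_dn(chain[0].subject)):
        raise ValueError("chain must start with the user's own certificate")
    for cert in chain:
        if not cert.not_before <= now <= cert.not_after:
            raise ValueError(f"not valid at {now}: {cert.subject}")
    limited = False
    for parent, child in zip(chain, chain[1:]):
        rdns = split_dn(child.subject)
        # A proxy is signed by its parent and named parent subject + proxy RDN.
        if child.issuer != parent.subject:
            raise ValueError(f"issuer mismatch for {child.subject}")
        if not rdns or rdns[:-1] != split_dn(parent.subject) or rdns[-1] not in PROXY_RDNS:
            raise ValueError(f"bad proxy naming for {child.subject}")
        if rdns[-1] == "CN=limited proxy":
            limited = True  # one limited proxy limits the whole chain
    return identity_of(chain[-1].subject), limited


def personal_policy(server_identity):
    """Personal web service: trust only the identity that started the service."""
    return {server_identity: {"submit", "query", "kill"}}


def authorize(chain, now, policy, groups, operation):
    """Fail closed: invalid chain, unknown identity or missing right -> False.
    Policy keys are identity DNs or 'group:<name>'; groups maps name -> DNs."""
    try:
        identity, limited = validate_chain(chain, now)
    except ValueError:
        return False
    if limited and operation == "submit":
        return False  # Globus convention: limited proxies cannot start new jobs
    rights = set(policy.get(identity, ()))
    for name, members in groups.items():
        if identity in members:
            rights |= set(policy.get("group:" + name, ()))
    return operation in rights


# --- constructed sample data (hypothetical DNs, not real certificates) ----
NOW = datetime(2001, 11, 26, 19, 40)


def mk(subject, issuer, hours=12):
    return Cert(subject, issuer, NOW - timedelta(hours=1), NOW + timedelta(hours=hours))


CA = "/O=Grid/CN=Example CA"
JANE = "/O=Grid/OU=Extreme/CN=Jane Doe"
BOB = "/O=Grid/OU=Extreme/CN=Bob Roe"
JANE_CHAIN = [mk(JANE, CA, hours=24 * 365), mk(JANE + "/CN=proxy", JANE)]
JANE_LIMITED = JANE_CHAIN + [mk(JANE + "/CN=proxy/CN=limited proxy", JANE + "/CN=proxy")]
BOB_CHAIN = [mk(BOB, CA, hours=24 * 365), mk(BOB + "/CN=proxy", BOB)]
# Bob's certificate signing something that claims to be Jane's proxy.
FORGED = [mk(BOB, CA, hours=24 * 365), mk(JANE + "/CN=proxy", BOB)]
EXPIRED = [mk(JANE, CA, hours=24 * 365),
           Cert(JANE + "/CN=proxy", JANE, NOW - timedelta(hours=13), NOW - timedelta(hours=1))]
POLICY = {JANE: {"submit", "query", "kill"}, "group:extreme": {"query"}}
GROUPS = {"extreme": {JANE, BOB}}

if __name__ == "__main__":
    print(authorize(JANE_CHAIN, NOW, personal_policy(JANE), {}, "submit"))  # True
    print(authorize(BOB_CHAIN, NOW, personal_policy(JANE), {}, "query"))   # False
    print(authorize(JANE_LIMITED, NOW, POLICY, GROUPS, "submit"))          # False
```

Every failure path returns False rather than raising to the caller, so a malformed or expired chain can never be mistaken for an authorized one; the personal mode is just the general policy reduced to a single trusted identity.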

Further work

The current XCAT Provides Port offers no security features for the component. Now that XSOAP, the underlying framework for XCAT, has authentication and authorization capabilities, component writers will be able to add security features to their components. The first step will be a Grid Personal Application Event Service that accepts events only from the user who started the service.

In the current XSOAP implementation the security features are pluggable, which accommodates inevitable future changes and gives the XCAT component framework good flexibility.

Download

Our current security implementation is part of XSOAP.



ccat@cs.indiana.edu
Last modified: Mon Nov 26 19:40:01 EST 2001