1 / 22

Overview

Teaching Grid Computing Dr Richard Sinnott Technical Director National e-Science Centre ||| Deputy Director Technical Bioinformatics Research Centre University of Glasgow ros@dcs.gla.ac.uk. Overview. Grid Computing module Student backgrounds Syllabus Review of DyVOSE project

dinah
Download Presentation

Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Teaching Grid ComputingDr Richard SinnottTechnical Director National e-Science Centre||| Deputy Director Technical Bioinformatics Research Centre University of Glasgowros@dcs.gla.ac.uk

  2. Overview • Grid Computing module • Student backgrounds • Syllabus • Review of DyVOSE project • Brief summary of technical approach • Plans for the future

  3. Grid Computing module • Part of advanced MSc at Glasgow • Started teaching on 30th September • Due to complete on 2nd December • Involves • 20 lectures, • 10 tutorials, • 3 problem sets, • 1 large programming assignment • Taught by • Richard Sinnott (NeSC, Course Director), • Colin Perkins (DCS), • John Watt (NeSC, DyVOSE researcher) • 1 lecture by Seamus Ross (DCC) • 1 lecture by David Fergusson (EGEE training team)

  4. Student Backgrounds • Students • UG4 • MSci (UG5) • Advanced MSc • First lecture had 50 students, now have 16 signed up for module • Various pre-requisites in taking module • Based on Glasgow course structures • DAS, DBIT, AC4, … • Additional materials developed for students without necessary background • XML, XML Schema, WSDL, … • Not planned for originally…

  5. Taught today Module Outline

  6. Module Outline *National Digital Curation Centre

  7. Timetable

  8. DyVOSE Project Participants • Dynamic Virtual Organisations in e-Science Education (DyVOSE) team • Principal Investigators • Dr Richard Sinnott (NeSC Glasgow) • Prof David Chadwick (Salford) • Developers • Dr John Watt (NeSC Glasgow) • Dr Sassa Otenko (Salford) • Mr Tuan Anh Nguyen (Salford) • Other Key People Involved • Dr David Berry (NeSC Edinburgh) • Dr Sandy Shaw (EDINA)

  9. DyVOSE Overview • Dynamic Virtual Organisations for e-Science Education (DyVOSE) project • Two year project started 1st May 2004 funded by JISC • Exploring advanced authorisation infrastructures for security in context of education • University of Salford provide authorisation software (PERMIS) and security expertise • Applied in Grid Computing module part of advanced MSc at the University of Glasgow • Will provide insight into rolling out authorisation infrastructures/Grid to the masses • Exploration of current state of the art in authorisation infrastructures • Second phase of work will involve NeSC Edinburgh/EDINA • Extensions to the existing PERMIS infrastructure to provide dynamic delegation of authority and recognition of authority

  10. DyVOSE Workplan • Phase 1 • Looking at applying existing PERMIS technology to establish static Privilege Management Infrastructure at GU GU Condor pool ScotGrid Other (known!) Grid resources PERMIS based Education authorisation VO policies Authorisation checks Authorisation decisions

  11. DyVOSE Phase 1 • Phase 1 Deliverables • D1.1 Design of Educational Case Studies • D1.2 Installation of Software Infrastructure for Static Delegation Based PMI • D1.3 Detailed Design for Dynamic Delegation and Recognition of Authority • Development of course material • Major effort for first time…

  12. Current PERMIS based PMI approach • PERMIS allows to • Define roles for who can do what on what • Policy = { Role x Target x Action } • Can user X invoke service Y and access or change data Z? • Policies created with PERMIS PolicyEditor (output is XML file)

  13. PERMIS based Authorisation

  14. PERMIS based Authorisation ...ctd • PERMIS Privilege Allocator then used to associate roles with specific users • Signed policies are stored as attribute certificates in LDAP server • Exploiting the GGF AuthZ specification • Generic way to authorise access to Grid services using SAML callouts • Based on GT3.3 – PERMIS • Grid service (WSDD) has policy information associated with it • DN of clients, target and actions checked when attempts made to invoke services • BRIDGES and DyVOSE only projects exploiting this API right now (Von Welch at AHM 2004)

  15. Explorations in Course • Students applying Policy Editor to develop security policy for use in their assignment • Sorting/searching “works of Shakespeare” • … run on single PC, • … using training lab Condor pool, • … * as GT3.3/Condor service, • … as GT3.3 service using GSI, • To see how authorisation at service level achieved • Service should be accessible by themselves and lecturing staff only • … using * for GT3.3-PERMIS authorised service • To see how authorisation at method level achieved • Students split into groups (Gp1, Gp2) • Sort method available to their group and lecturers only • Search method available to all • Performance aspects investigated throughout…

  16. DyVOSE Phase 2 and 3 • Phase 2 • D2.1 Report on Practical Experiences and Best Practices in Static Delegation Based PMI • D2.2 Software implementing Dynamic Delegation and Authority Recognition in PERMIS • Phase 3 • D3.1 User Manuals and Administrator Guides on Using and Setting up and Managing Dynamic Delegation Infrastructures • D3.2 Report on Practical Experiences in Using Dynamic Delegation Infrastructures as Part of e-Science Education • D 3.3 NMI release of PERMIS that supports dynamic Delegation and Recognition of Authority

  17. DyVOSE Phase 2/3 Glasgow Edinburgh ScotGrid Condor pool Blue Dwarf Dynamically established VO resources/users Delegated VO policies Edinburgh Education VO policies Glasgow Education VO policies Shibboleth PERMIS based Authorisation checks/decisions

  18. Work Progress • Majority of lecture materials completed • Infrastructure established in NeSC Glasgow training laboratory • Initial design of dynamic PMI complete • Input to wider UK security requirements document • (Being drafted by Howard Chivers)

  19. Work Progress …ctd • Long time wrestling with GT3.3-PERMIS integration • Some delays due to version issues with GT3.3 • Also required some debugging of GT3.3 (commenting out code) • Continued feedback on PERMIS tools • Policy editor refinements • Numerous discussions/meetings with Salford team on sorting out PERMIS-GT3.3 issues • Certificate dependencies in using PERMIS • Expects certificates created using openSSL

  20. Work Progress …ctd • Web site established • http://www.nesc.ac.uk/hub/projects/dyvose • Dissemination • Poster at JISC meeting in Brighton • Poster at AHM 2004 in Nottingham • Paper in preparation to European Grid Conference, Amsterdam • Course materials to be made available to those interested • Some already provided to EGEE training team

  21. Future plans • Feed experiences into wider Grid community (ETF AAA work) • Continued input to wider security requirements/scenario documents (and to STF?) • Applying experiences in other projects (VOTES, BRIDGES) • Conduit for information from JISC Core Middleware projects and wider UK e-Science activities • It would be nice to think that the majority of the lecture materials had a life of over 1 year • Tried to achieve in course design • not focused on Grid technologies explicitly, more on underlying principles/challenges • Inevitable that refinements needed though… • Community needs to address this

  22. Questions?

More Related