Home : Site Map : Contact Us : Help : Links : Security

Grid security crosses more borders

Wed 24 Jan 2007

With more than 30 national Grids in Europe alone, making sure electronic identities work across Grid boundaries is a complex job. This is the role of the European Policy Management Authority for Grid Authentication, EUGridPMA, which met last week in the UK for the first time. Attended by 26 members of EUGridPMA, the meeting at the CCLRC Coseners House in Abingdon was organised and sponsored by CCLRC and GridPP.

The UK has been at the forefront of efforts to build international trust among Grids, with early steps towards the formation of the PMA led by Dr David Kelsey of CCLRC Rutherford Appleton Laboratory and GridPP, who said, "I was very pleased to welcome the EUGridPMA to the UK for the first time, especially as the PMA expanded its horizons. We are now closer to enabling access to the Grid to all scientists wherever they are located".

The EUGridPMA (http://www.eugridpma.org/) is one of 3 regional PMA's belonging to the International Grid Trust Federation (http://www.gridpma.org/). It coordinates the activities of the Certification Authorities (CAs) that issue electronic identities, i.e. digital certificates, to scientists for use on the Grid. IGTF sets out requirements and best practice for identity management, mainly by co-ordinating a Public Key Infrastructure (PKI) that is used with Grid middleware. Covering not just Europe, but also Africa and with participation by members of the other two PMA's from countries such as Canada, Japan, Taiwan and the USA, EUGridPMA doesn't issue certificates itself, but accredits certificate authorities whose certificates meet or exceed its guidelines.

Given the recent expansion of the European Union, it was very timely that both Bulgaria and Romania sent representatives to the meeting to present their new CAs to the PMA, seeking accreditation. The PMA was also happy to receive the first request to join from an African country; representatives from Morocco attended and presented their new CA.

Not content with crossing geographical borders, steps were also taken in a different direction when the PMA considered a request for accreditation from SWITCH, the Swiss national research and education network. They are running a Grid Identity CA linked to their national implementation of a Shibboleth Authentication-Authorisation Infrastructure. Shibboleth, a technology which comes from Internet2 in the USA, is also being deployed in academia in several other European countries, including the UK. The ability to link the issuing of electronic certificates for use on Grids to a large-scale identity management system such as this is a first for EUGridPMA and is important for reaching out to the large community of scientists wishing to use the Grid.

---

© Copyright GridPP
If you wish to reproduce this piece please credit GridPP and contact Neasan O'Neill to say you are using it

Copyright GridPP 2008

Switch to HTTPS : Built with GridSite

For more about GridPP please contact Neasan O'Neill