[fi-rg] Possibly relevant

[Olle Mulmo]

FYI, in the remote case that any of you have missed this. Below is an  
excerpt from a report on the 3rd NREN-Grids Workshop organized by  
TERENA, 27 & 28 April 2006, Paris (I was there the first day but not  
when this was presented).

Slides available at
http://www.terena.nl/activities/nrens-n-grids/workshop-03/NBGS- 
Terena.pdf

/Olle

Architectural issues of Grid Security
Dirk Schroetter, Cisco Systems

Dirk approached issues related to Grid Security from a network  
equipment vendor perspective. He introduced the security architecture  
of the Globus Toolkit version 4.0 and cited sources indicating that  
due to the poor performance of the message-level security  
implementation, the transport-level security is the solution actually  
used in practical deployments. Taking GridFTP as an example, Dirk  
described the problems that might be encountered on the control  
channel and on the data channel when performing high-speed data  
transfers over network infrastructure built on standard commercially  
available equipment. He introduced Service Control, a solution that  
would employ a stateful analysis engine in the network equipment to  
allow for scaling the throughput to about 10 Gbps while performing  
deep packet inspection. Dirk also presented the experimental Network  
Based On-demand/Grid System (NBGS). NBGS works with the Globus  
Toolkit v4 and offers on-demand, dynamic, automated and quick  
provisioning of network resources (by automating Cisco CLI or SNMP  
commands) that may be requested by Grid clients before these clients  
can schedule application jobs to run on available Grid compute  
resources.