When the EU DataGrid project began, one of the most important factors addressed was security. After all, the purpose of the grid computing program was to share power as well as data and information between computers. Further, at its inception, the three major fields that were essentially being given “first crack” at grid computing would be the medical field, the particle physics field, and the Earth Observation.
A security protocol plan was drafted and presented to the EU. This plan included measures that would be implemented to insure that different aspects of security would be addressed. These included, but were not limited to:
- Authentication guidelines
- Determining of authorization protocol
- Auditing of Virtual Organizations (VO’s) and other participants
- Confidentiality issues.
Some of the specifics that would be addressed would be the extending of authorization to include the resources made available as well as the users who would be able to access them, and the encryption of sensitive data, such as that that would be found in the medical field, as well as attention to confirming who might be in a VO.
Further, because the EU DataGrid did involve 27 European countries as well as the United States, the importance of international collaboration was stressed, as well as the need for inter-operational procedures.
One way of implementing security measures was to require those participating in the EU DataGrid project to require Virtual Organization Membership. A specific program in the EU DataGrid, the Virtual Organization Membership Service, would oversee those who had applied for and received membership services.
Other security measures included imposing time restraints on certain users as well as requiring the VO manager (known to Java users as the Authorization Manager) to maintain continuous checks on authorization assignments, users, and VO members.
All of this, combined with other measures, was intended to make the EU DataGrid as secure as possible so that current and future participants would feel confident that their information was being protected.