"Andrew's blog about Grids, Webs, Security and other interestingTM Stuff"
Web/Net
W3C
RFC Editor
Apache
Grid Security
EGEE/LCG
JSPG
EU GridPMA
EGEE JRA3
MWSG
Switch to list of all blogs
CHEP 2007, Victoria, Canada
Tue 11 September 2007 11:09am
This year's Computing in High Energy Physics conference marks ten years since my first one in Berlin. Looking back, the first rumblings of the desire for the grid were there, and I remember seeking out talks about CLEO's Nile distributed data processing system, and Funnel and Centipede from the HERA experiments. At the time, the idea of objects was mixed-in, with some vague concept that objects might interact with each other over the network: that idea has come and gone, although Web Services are a loosely coupled echo of it. This year the grid is part of the fabric, and implicitly the background to most of the talks and posters.
Back in 1997, C++ and object orientated programming had already won over the experiments, and people were turning up and pitching their solutions. But the new and controversial issue was Linux vs Windows NT: whether to go from a mix of VMS and Unix on proprietary hardware, onto Linux or Windows in PC's, as it was increasingly clear that PC-based hardware would be considerably cheaper. (I was there with my Linux binaries and RPMs of the CERN Program Library, which were redistributed by CERN itself until around 2000.)
This year, the Gartner Group's Hype Cycle graph appeared more than once, with the claim that the grid is now on the "Plateau of Productivity" (we'd better be, since almost all the distributed LHC computing production work is being done via the grid!)
In the security area, I gave an oveview of recent updates to GridSite's security toolkit (which was very similar to my talk in June but with "will do" replaced by "have done"...) I did have time to outline my feelings about identity federation: something we've managed to avoid in grids so far, but which is becoming more pressing as username/password based systems interact more with elements of the grid world, and with users used to the convenience of X.509 user certificates in their browser. In short, we seem to be expecting sites to do local identity federation, which isn't so bad for a few large sites like CERN (who are unifying username/password, kerberos and X.509 access with a single sign-on page), but it's not going to scale if every site or interactive service needs to do it.
On the photography front, CHEP always has interesting excursions - this time, whale watching - but instead I went and took some photographs around Victoria on the free afternoon, especially the harbour and the seaplanes:
A short video of a seaplane landing (done with a still camera in video mode, at 12x optical zoom):
Pictures of the conference hotel and seaplanes landing and taxiing:
GridPP18 in Glasgow
Thu 22 March 2007 11:03am
Most of my talks at collaboration meetings are status reports, but this time
I did an overview of
the "credential soup" of abbreviations and
acronyms in the security area, including
X.509, GSI, CAS, LDAP-VO, GACL, VOMS, XACML, SAML, Shibboleth, VOM, WS-Sec, ...
This talk also kicked off with a new concept: "Grid projects typically generate one new acronym for every 10,000 lines of code" (McNab's Law of Grid Acronyms!)
There are some new ideas on the (web) horizon, like OpenID and Shibboleth, but the credentials side of things is pretty much sorted in EGEE/LCG now. However access policies, and how to maintain them in production at sites, is still up in the air - with a mixture of solutions on offer and some big gaps.
GridSite and Subversion
Fri 15 December 2006 12:12pm
In the last couple of weeks I've been looking at adding support to GridSite
for the Subversion version control
system (ie like CVS). It's interesting from a GridSite point of view because
the server side comes in the form of modules which extend Apache, and the
network protocol is just WebDAV. It's been brought up before that there might
be some useful overlaps here, and Alessandra Forti who runs the Tier-2 here
in Manchester suggested it again last month (as part of managing configuration
files for grid installations using Subversion.)
Read more ...
MWSG at CERN and Escalade
Fri 17 November 2006 11:11am
I've not been back to annual
Escalade in Geneva since
2001 and I didn't again this year.
But the chocolate cooking pots ("les marmites") filled
with sweets were there in Migros at the airport, so brought one back to show
some sceptics back in Manchester. However, I'd forgotten (didn't know?) that
the yellow and red "fruit pastille" sweets contain explosive
bangers like Christmas-crackers, so I and a very helpful member of the
airport security staff removed the bangers and rewrapped the sweets
one by one...
All Hands Meeting, 2006
Fri 22 September 2006 1:09pm
The UK e-Science All Hands have
been at the University of Nottingham for the last few years, and this year
was Manchester HEP's best showing yet: as well as my
poster on GridSite
delegation and PPARC stand talk on LCG/EGEE/GridPP security, Joseph Dada
presented our work on Shibboleth extensions to GridSite and his certificate-based
Identity Provider; Yibiao Li talked about the bulk data transfer client
and server he's done based on HTTPS and GridSite's GridHTTP; and Mike Jones
talked about the NGS and GridPP VOMS services run here by him, Alessandra
Forti and Sergey Dolgobrodov.
Switch to list of all blogs
Contact info
Dr Andrew McNab,
Department of Physics
and Astronomy,
University of Manchester,
Manchester,
United Kingdom,
M13 9PL
Andrew.McNab@cern.ch
Phone: +44-161-306-6474
Fax: +44-161-273-5867
Recent blogs
- CHEP 2007, Victoria, Canada
- GridPP18 in Glasgow
- GridSite and Subversion
- MWSG at CERN and Escalade
- All Hands Meeting, 2006
- GridSite Storage
- Fort L'Ecluse
- CERN and WLCG
- SlashGrid Reloaded
- AMPPS building site (or "No More Trees, II")