Security issues in GlueDomains
GlueDomains is aware of security problems, but provides a very basic
- read access to the database is protected by a password, shared by
all monitoring hosts;
- write access is protected by another password;
- the tools use passwords to ensure identity of the partners, and
capabilities to invoke on demand sessions;
- data transfer between the Information Provider and the MDS is assumed to occur within a protected environment, and is not encrypted.
However, we provided "handles" to implement more rigorous security
policies, and more is on the way.
next: Future work (CoreGRID)
previous: Prototype set up and deployment
up: A modular approach to Grid Connectivity Monitoring