Fermilab Computing Division

CS Document 1267-v1

CHEP06 abstract - The Virtual Organization Management Registration Service

Document #:
Document type:
Submitted by:
Stuart C. Fuess
Updated by:
Stuart C. Fuess
Document Created:
14 Nov 2005, 09:49
Contents Revised:
14 Nov 2005, 09:49
Metadata Revised:
07 Mar 2006, 09:08
Viewable by:
  • Public document
Modifiable by:
  • Same as Viewable by

Quick Links:
Latest Version

Currently, grid development projects require end users to be authenticated under the auspices of a "recognized" organization, called a Virtual Organization (VO). A VO
establishes resource-usage agreements with grid resource providers. The VO is responsible for authorizing its members and optionally assigning them to groups and roles within the VO. This enables fine-grained authorization at grid sites as end users can be assigned grid computing privileges according to their VO group/role.

The Virtual Organization Management Registration Service (VOMRS), developed at Fermilab, provides a comprehensive set of services that facilitates management of VO membership and privileges. It implements a registration workflow that requires email verification of identity, VO usage policy acceptance, membership approval by designated VO representatives/administrators, and allows for management of multiple grid certificates, and the selection of group and role. VOMRS maintains a VO
membership status and a certificate level status for each member who is managed by the VO administrators, allowing for VO-level control of a member's privileges and membership. VOMRS provides a subscription service; email notifications are sent when selected changes are made to information about a member's VO membership status and/or
when actions are required by members or administrators.

VOMRS is capable of interfacing to local systems with personnel information (e.g., the CERN Human Resource Database), and pulling relevant member information from them. Such an interface can eliminate duplicate maintenance and be made to satisfy local security requirements.

VOMRS membership data can be configured to synchronize with the VOMS system (developed jointly for DataTAG by INFN and for DataGrid by CERN) with all approved
members' certificates and privileges.

The current architecture and state of deployment will be discussed.

Files in Document:
Associated with Events:
CHEP2006 held from 13 Feb 2006 to 17 Feb 2006 in Mumbai, India
DocDB Home ]  [ Search ] [ Authors ] [ Events ] [ Topics ]

DocDB Version 8.8.10, contact Document Database Administrators