CS Document 1349-v1

CHEP06: VOMRS - Virtual Organization Management Registration Service

Document #:: CS-doc-1349-v1
Document type:: Conference
Submitted by:: Stuart C. Fuess
Updated by:: Stuart C. Fuess
Document Created:: 15 Feb 2006, 09:19
Contents Revised:: 15 Feb 2006, 09:19
Metadata Revised:: 07 Mar 2006, 09:51

Viewable by:

Public document

Modifiable by:

Same as Viewable by

Abstract:

Currently, grid development projects require end users to be authenticated under the auspices of a "recognized" organization, called a Virtual Organization (VO). A VO
establishes resource-usage agreements with grid resource providers. The VO is responsible for authorizing its members and optionally assigning them to groups and roles within the VO. This enables fine-grained authorization at grid sites as end users can be assigned grid computing privileges according to their VO group/role.

The Virtual Organization Management Registration Service (VOMRS), developed at Fermilab, provides a comprehensive set of services that facilitates management of VO
membership and privileges. It implements a registration workflow that requires email verification of identity, VO usage policy acceptance, membership approval by
designated VO representatives/administrators, and allows for management of multiple grid certificates, and the selection of group and role. VOMRS maintains a VO
membership status and a certificate level status for each member who is managed by the VO administrators, allowing for VO-level control of a member's privileges and
membership. VOMRS provides a subscription service; email notifications are sent when selected changes are made to information about a member's VO membership status and/or
when actions are required by members or administrators.

VOMRS is capable of interfacing to local systems with personnel information (e.g., the CERN Human Resource Database), and pulling relevant member information from them. Such an interface can eliminate duplicate aintenance and be made to satisfy local security requirements.

VOMRS membership data can be configured to synchronize with the VOMS system (developed jointly for DataTAG by INFN and for DataGrid by CERN) with all approved members' certificates and privileges.

The current architecture and state of deployment will be discussed.

Files in Document:

Talk (CHEP06_Talk_034_Levshina_VOMRS.ppt, 344.0 kB)

Topics:

Shared Systems and Services:Grid

Authors:

Tanya Levshina

Keywords:: Global_Computing VO_Management CHEP

Associated with Events:: CHEP2006 held from 13 Feb 2006 to 17 Feb 2006 in Mumbai, India

[ DocDB Home ] [ Search ] [ Authors ] [ Events ] [ Topics ]