Bootstrapping a new LHC data transfer ecosystem
| Autor: | Derek Weitzel, Brian Bockelman, Wei Yang, Andrew Hanushevsky, Mario Lassnig, Oliver Keeble, Paul Millar |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2019 |
| Předmět: |
Delegate
Data management computer: communications QC1-999 02 engineering and technology GridFTP Security token 01 natural sciences 010305 fluids & plasmas 0103 physical sciences 0202 electrical engineering electronic engineering information engineering ddc:530 communications [computer] Grid Security Infrastructure Worldwide LHC Computing Grid activity report Authentication business.industry Physics Computing and Computers CERN LHC Coll WebDAV Grid computing 020201 artificial intelligence & image processing data management business Computer network |
| Zdroj: | EPJ Web of Conferences, Vol 214, p 04045 (2019) The European physical journal / Web of Conferences Web of Conferences : proceedings proceedings 214, 04045 (2019). doi:10.1051/epjconf/201921404045 23rd International Conference on Computing in High Energy and Nuclear Physics, CHEP 2018, Sofia, Bulgaria, 2018-07-09-2018-07-13 |
| Popis: | 23rd International Conference on Computing in High Energy and Nuclear Physics, CHEP 2018, Sofia, Bulgaria, 9 Jul 2018 - 13 Jul 2018; The European physical journal / Web of Conferences Web of Conferences : proceedings proceedings 214, 04045 (2019). doi:10.1051/epjconf/201921404045 GridFTP transfers and the corresponding Grid Security Infrastructure (GSI)-based authentication and authorization system have been data transfer pillars of the Worldwide LHC Computing Grid (WLCG) for more than a decade. However, in 2017, the end of support for the Globus Toolkit - the reference platform for these technologies - was announced. This has reinvigorated and expanded efforts to replace these pillars. We present an end-to-end alternate utilizing HTTP-based WebDAV as the transfer protocol, and bearer tokens for distributed authorization.This alternate ecosystem, integrating significant pre-existing work and ideas in the area, adheres to common industry standards to the fullest extent possible, with minimal agreed-upon extensions or common interpretations of the core protocols. The bearer token approach allows resource providers to delegate authorization decisions to the LHC experiments for experiment-dedicated storage areas.This demonstration touches the entirety of the stack - from multiple storage element implementations to FTS3 to the Rucio data management system. We show how the traditional production and user workflows can be reworked utilizing bearer tokens, eliminating the need for GSI proxy certificates for storage interactions. Published by EDP Sciences, Les Ulis |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|