XRootD Third Party Copy for the WLCG and HLLHC
| Autor: | Tim Adye, Elvin Alin Sindrilaru, Katy Ellis, Albert Rossi, Paul Millar, Gerardo Ganis, Wei Yang, Tigran Mkrtchyan, Horst Severini, Brian Bockelman, George Patargias, Michal Simon, Dmitry Litvintsev, Hironori Ito, Fabrizio Furano, Ian Johnson, Andrea Manzi, Oliver Keeble, Andrew Hanushevsky, O. Freyermuth |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2020 |
| Předmět: |
Authentication
Multitenancy Delegation 010308 nuclear & particles physics business.industry Echo (communications protocol) Physics QC1-999 media_common.quotation_subject Software development Computer security model Security token computer.software_genre 01 natural sciences Credential Computing and Computers 0103 physical sciences Operating system 010306 general physics business computer media_common |
| Zdroj: | EPJ Web of Conferences, Vol 245, p 04034 (2020) |
| Popis: | A Third Party Copy (TPC) mechanism has existed in the pure XRootD storage environment for many years. However, using the XRootD TPC in the WLCG environment presents additional challenges due to the diversity of the storage systems involved such as EOS, dCache, DPM and ECHO, requiring that we carefully navigate the unique constraints imposed by these storage systems and their site-specific environments through customized configuration and software development. To support multitenant setups seen at many WLCG sites, X509 based authentication and authorization in XRootD was significantly improved to meet both security and functionality requirements. This paper presents architecture of the pull based TPC with optional X509 credential delegation, and how it is implemented in native XRootD and dCache. The paper discusses technical requirements, challenges, design choices and implementation details in the WLCG storage systems, as well as in FTS/gfal2. It also outlines XRootD’s plan to support newer TPC and security models such as token based authorization. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|