Trigon-based Authentication Service Creation with Globus Middleware

Document Sample
Trigon-based Authentication Service Creation with Globus Middleware Powered By Docstoc
					                                                              (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                             Vol. 8, No. 6, September 2010

   Trigon Based Authentication Service Creation with
                 Globus Middleware


Ruckmani V 1                         Anitha Kumari K 2                   Sudha Sadasivam G 3                Dhaarini M P4
Senior Lecturer , MCA,           Lecturer, IT,    ,                      Professor ,CSE,                    Lecturer ,IT,
Ramakrishna Engineering College, PSG College of Technology,              PSG College of Technology,         PSG College of Technology
Coimbatore, India                Coimbatore,India                        Coimbatore,India                   Coimbatore,India
ruckmaniv@yahoo.com              kesh_chse@yahoo.co.in                   sudhasadhaasivam@yahoo.com         dhaarinimp@gmail.com

Abstract— A Grid is built from multi-purpose protocols and                 virtual organizations boundaries. A VO is a dynamic group
interfaces that address fundamental issues as authentication,              of individuals, groups, or organizations that have common
authorization, resource discovery, and resource access.                    rules for resource sharing [8]. Confidentiality of information
Security is of utmost importance in grid computing                         in a VO Should also be ensured [28]. The necessity for
applications as grid resources are heterogeneous, dynamic, and             secure communication between grid entities has motivated
multi-domain. Authentication remains as the significant                    the development of the Grid Security Infrastructure (GSI).
security challenge in grid environment. The proposed                       GSI provides integrity, protection, confidentiality and
approach uses a dual authentication protocol in order to                   authentication for sensitive information transferred over the
improve the authentication service in grid environment. The                network in addition to the facilities to securely traverse the
protocol utilizes the fundamental concepts of trigon and based
                                                                           distinct organizations that are part of collaboration.
on the parameters of the trigon the user authentication will be
performed. In the proposed protocol, the password is
                                                                           Authentication is done by exchanging proxy credentials and
interpreted and alienated into more than one unit and these                authorization by mapping to a grid map file. Grid
units are stored in two different servers, namely,                         technologies have adopted the use of X.509 identity
Authentication Server and Backend Server. Only when the                    certificates to support user authentication. SOAP protocol
combined authentication scheme from both the servers                       [12] is used by the emerging OGSA. This necessitates for
authenticates the user, the privilege of accessing the requested           support message layer security using XML digital signature
resources is obtained by the user. The main advantage of                   standard and the XML encryption standard [11]. Globus
utilizing the dual authentication protocol in grid computing is            Toolkit [24] provides security services for authentication,
that an adversary user cannot attain the access privilege by               authorization, management of user credentials and user
compromising a single consolidated server because of the fact              information. Laccetti and G. Schmid [14] have introduced a
that the split password is stored in different servers. Grid               unified approach for access control of grid resources. PKI
service is stateful and transient web service, which can be                (Public Key Infrastructure) and PMI (Privilege Management
invoked by clients, and is considered to be the mainstream of              Infrastructure) infrastructures were utilized at the grid layer
future internet. The creation of Web Services standards is an              after authentication and authorization procedures.
industry-led initiative, with some of the emerging standards in            Czajkowski [5] have explained about agreement based grid
various states of progress through the World Wide Web                      management. Nagaratnam [18] have introduced security
Consortium (W3C). To achieve reuse of behaviors of this
                                                                           architecture for open grid services. H.-L. Truong[26] define a
authentication concept, operations are often grouped together
to form a trigon based authentication service.
                                                                           framework for monitoring and analyzing qos metrics of grid
                                                                           Services. The proposed work aims at authenticating the users
    Keywords—     Trigonbasedauthentication,    web    services,           by using trigon concept and to host this operation as a web
globus.                                                                    service.


                                                                           A. Globus Middleware
                    I.   INTRODUCTION

                                                                               Globus [25] provides a software infrastructure that
    Grid computing has emerged as a significant new field,                 enables applications to handle distributed heterogeneous
distinguished from conventional distributed computing by its               computing resources as a single virtual machine. Globus is
concentration on large-scale resource sharing, innovative                  constructed as a layered architecture in which high-level
applications, and, in some cases, high-performance                         global services are built upon essential low-level core local
orientation . Grid computing is concentrating on large-scale               services. Middleware is generally considered to be the layer
resource sharing and collaboration over enterprises and



                                                                   179                              http://sites.google.com/site/ijcsis/
                                                                                                    ISSN 1947-5500
                                                             (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                            Vol. 8, No. 6, September 2010
of software sandwiched between the operating system and                     Web Services have certain advantages over other
applications, providing a variety of services required by an            technologies:
application to function correctly. Recently, middleware has
                                                                           Web Services are platform-independent and language-
re-emerged as a means of integrating software applications
running in distributed heterogeneous environments. In a                 independent, since they use standard XML languages. This
                                                                        means that my client program can be programmed in C++
Grid, the middleware is used to hide the heterogeneous
nature and provide users and applications with a                        and running under Windows, while the Web Service is
                                                                        programmed in Java and running under Linux.
homogeneous and seamless environment by providing a set
of standardized interfaces to a variety of services.                        Service Processes: This part of the architecture generally
                                                                        involves more than one Web service. For example, discovery
                                                                        belongs in this part of the architecture, since it allows us to
                                                                        locate one particular service from among a collection of Web
B. Web Services                                                         services.
                                                                            Service Description: One of the most interesting features
    The term Web Services describes an important emerging               of Web Services is that they are self-describing. This means
distributed computing paradigm that differs from other                  that, once you've located a Web Service, you can ask it to
approaches such as DCE, CORBA, and Java RMI in its focus                'describe itself' and tell you what operations it supports and
on simple, Internet-based standards to address heterogeneous            how to invoke it. This is handled by the Web Services
distributed computing. Web services define a technique for              Description Language (WSDL).
describing software components to be accessed, methods for
accessing these components, and discovery methods that                      Service Invocation: Invoking a Web Service (and, in
enable the identification of relevant service providers. Once a         general, any kind of distributed service such as a CORBA
web service is created, it is advertised in a registry called           object or an Enterprise Java Bean) involves passing
UDDI (Universal Description, Discovery and Integration)                 messages between the client and the server. SOAP (Simple
[27], where it can be searched. The UDDI will provide the               Object Access Protocol) specifies how we should format
location to the service provider’s WSDL (Web Services                   requests to the server, and how the server should format its
Description Language) [29] file that describes the methods              responses. In theory, we could use other service invocation
that can be invoked and the parameters required. Messages               languages (such as XML-RPC, or even some ad hoc XML
are exchanged through the protocol SOAP (Simple Object                  language). However, SOAP is by far the most popular choice
Access Protocol) [30].                                                  for Web Services.
                                                                            Transport: Finally, all these messages must be
                                                                        transmitted somehow between the server and the client. The
   The established standards include:                                   protocol of choice for this part of the architecture is HTTP
                                                                        (Hypertext Transfer Protocol), the same protocol used to
                                                                        access conventional web pages on the Internet. Again, in
    SOAP (XML Protocol). SOAP provides an envelope                      theory we could be able to use other protocols, but HTTP is
which encapsulates XML data for transfer through the Web                currently the most used one.
infrastructure (e.g. over HTTP, through caches and proxies),
with a convention for Remote Procedure Calls (RPCs) and a               C. Web Service Definition Language(WSDL)
serialization mechanism based on XML Schema data types.                     Web Services programmers usually only have to
SOAP is being developed by W3C in cooperation with the                  concentrate on writing code in their favorite programming
Internet Engineering Task Force (IETF).                                 language and, in some cases, in writing WSDL. SOAP code,
                                                                        on the other hand, is always generated and interpreted
   Web Services Description Language (WSDL). Describes                  automatically for us. Once we've reached a point where our
a service in XML, using an XML Schema; there is also a                  client application needs to invoke a Web Service, we
mapping to the Resource Description Framework (RDF). In                 delegate that task on a piece of software called a stub. Using
some ways WSDL is similar to an interface definition                    stubs simplifies our applications considerably. We don't have
language IDL. WSDL is available as a W3C note [WSDL].                   to write a complex client program that dynamically generates
    Universal Description Discovery and Integration (UDDI).             SOAP requests and interprets SOAP responses (and similarly
This is a specification for distributed registries of web               for the server side of our application). We can simply
services, similar to yellow and white pages services. UDDI              concentrate on writing the client and/or server code, and
supports ‘publish, find and bind’: a service provider                   leave all the dirty work to the stubs (which, again, we don't
describes and publishes the service details to the directory;           even have to write ourselves... they can be generated
service requestors make requests to the registry to find the            automatically from the WSDL description of a web
providers of a service; the services ‘bind’ using the technical         service).The stubs are generally generated only once. In
details provided by UDDI. It also builds on XML and SOAP                general, we only go through the discovery step once, then
[UDDI].                                                                 generate the stubs once (based on the WSDL of the service
                                                                        we've discovered) and then reuse the stubs as many times as
                                                                        we want (unless the maintainers of the Web service decide to




                                                                  180                             http://sites.google.com/site/ijcsis/
                                                                                                  ISSN 1947-5500
                                                               (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                              Vol. 8, No. 6, September 2010
change the service's interface and, thus, its WSDL
description).

          II.  TRIGON BASED AUTHENTICATION
                       ARCHITECTURE
    When legitimate entities (users) login, the trigon based
authentication server splits the password into its components
and stores the authentication information in two servers –
namely authentication and backend server. Users have to
register with the Authentication server, so that it can hold a
part of the interpreted password with itself and another part
in the Backend server. The block diagram illustrating the
registration process of the users is depicted in the Figure
5.As illustrated in Figure5, the users who require services
from the VO have to register initially with the Authentication
server using their username and password. The
Authentication server calculates the Pi as given in (1). Along
with this authentication server generates two large prime
numbers, namely, a and a’, which are considered as the two
sides of a trigon. It is difficult to hack the values of a and a'
as they are large prime numbers (as per RSA Factoring
Challenge). Here, Pi is taken as the angle between the two the
two sides of the trigon a and a’. Now, the Authentication
server can easily determine the opposite side of the angle Pi,                                    Fig 1 Flow Diagram
termed as a’’.
                                                                               In (4), PAI is the ASCII-interpreted value of the given
    With these trigon parameters, α, Vaa'           and Paa' are          password pwi , n is the total number of digits in PAI and PAI
found as                                                                  ( j) represents the first j digits of PAI . The PAI can be
                                                                          calculated by the following steps.
       Vaa’=a-a’                (1)
                                                                             Change the pwi into its corresponding ASCII value.

       Paa’ = a * a’           (2)
                                                                              Calculate the three-fourth of total digits of the
                                                                          ASCII value modulo 180, which results the first three digits
   α = 2P aa’ − a' ' 2         (3)                                        of PAI .
    where, a, a’ and a' ‘are the three sides of trigon. α is a
strengthening parameter used as the index . Vaa' and Paa' are               Append the remaining one-fourth of the ASCII digits to
the variance and the product of the sides a and a'                        PAI .
respectively. With the parameters a , a' and a' ' as the
sides of trigon and Pi be the angle between the sides a
and a' the generated trigon will be assumed . After the
                                                                              Then, from Pi the Authentication Server determines
calculation of α , Vaa' and Paa' , the authentication server
                                                                          the Authentication index ( AI ) for ui as
stores the α value and its corresponding username in a
database and forwards Vaa' and Paa' to the Backend server
along with the username. Hence, the password is interpreted
and alienated into two units and stored in two separate                                  AI(i) = Pi/2                          (5)
server. The authentication procedure is based on the
fundamental concepts of a trigon. Initially, the user who
wants the services of VO has to login to the Authentication                   Then, the Authentication Server searches for the
server using the username and password. Here, ui and                      username index α i for the corresponding ui which has
pwi     refers to username and password of i th user. The                 already been stored in the server database during
Authentication server calculates the Password index ( Pi )                the process of the registration. Subsequently, α i is
from the password as                                                      sent to the backend server along with ui . When the
                                                                          Backend server receives the index α i and           the
                                                                          username     from     the   Authentication  server,   it
                P AI(i) / 10 pow n-2         ; if P AI (i) ≥ 180          searches for Vaa' and Paa' the Variance and the product
Pi =                                                                      of the sides a and a' respectively, which have been
                                                                          saved in the backend server database during the
                P AI(i)/ 10 pow n-3 ; else         (4)                    process of registration. From these values,



                                                                    181                             http://sites.google.com/site/ijcsis/
                                                                                                    ISSN 1947-5500
                                                              (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                             Vol. 8, No. 6, September 2010
   the Backend server calculates an Authentication Token
ATi and sends it to the Authentication server to                         xmlns:tns="http://www.globus.org/namespaces/add/hello_in
authenticate the ui . The ATi can be calculated as                       stance"
                 AT(i) = αi + Vaa’I * 2Paa‘I     (6)                           xmlns:xsd="http://www.w3.org/2001/XMLSchema">
                                                                            <types>
    In (6), Vaa' and Paa'           are        pre-calculated                <xsd:schema
values computed during individual user registration. After               targetNamespace="http://www.globus.org/namespaces/add/h
retrieval    of    ATi from the Backend server, the                      ello_instance"
Authentication server authenticates the user based on the
token from the Backend server and the index calculated at
the Authentication server. The authentication code (or)                  xmlns:tns="http://www.globus.org/namespaces/add/hello_in
                                                                         stance"
condition which authenticates the ui is given by

                                                                         xmlns:xsd="http://www.w3.org/2001/XMLSchema">
                 Sin AI(i) = ( 1- ATi / 2 ) ½   (7)
                                                                            <xsd:element name="addition">
                                                                            <xsd:complexType>
    The authentication process is performed by the
                                                                            <xsd:sequence>
authentication condition given in (7). When the condition is
satisfied, the user is decided to be valid and the Server sends             <xsd:element name="input1" type="xsd:int"/>
a token called Token for VO access to the user.
                                                                            <xsd:element name="input2" type="xsd:int"/>
                                                                            </xsd:sequence>
  III.     IMPLEMENTATION - AUTHENTICATION AS                               </xsd:complexType>
                     SERVICE                                                </xsd:element>
                                                                            <xsd:element name="response" type="xsd:string"/>
    A service is an entity that provides some capability to its
clients by exchanging messages. A service is defined by                     <xsd:element                         name="additionrequest"
                                                                         type="xsd:string"/>
identifying sequences of specific message exchanges that
cause the service to perform some operation. By thus                        </xsd:schema>
defining these operations only in terms of message exchange,
we achieve great flexibility in how services are implemented                </types>
and where they may be located. A service-oriented                           <message name="AddInputMessage">
architecture is one in which all entities are services, and thus
any operation visible to the architecture is the result of                  <part                                      name="parameters"
message exchange.                                                        element="tns:additionrequest"/>
                                                                            </message>
   Prerequisites are:                                                       <message name="AddOutputMessage">
                                                                            <part name="resp" element="tns:response"/>
   build.xml                                                                </message>
   globus-build-service.sh                                                  <portType name="authPortType" >
                                                                                  <operation name="addition">
   1. Creation of auth.wsdl File                                                  <input message="tns:AddInputMessage"/>
                                                                                  <output message="tns:AddOutputMessage"/>
   <?xml version="1.0" encoding="UTF-8"?>                                         </operation>
   <definitions name="auth"                                                 </portType>
                                                                            </definitions>
targetNamespace="http://www.globus.org/namespaces/add/h                      2. Create namespace2package.mappings for mapping
ello_instance"                                                           instances ,bindings and services.
         xmlns="http://schemas.xmlsoap.org/wsdl/"



                                                                   182                             http://sites.google.com/site/ijcsis/
                                                                                                   ISSN 1947-5500
                                                                 (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                Vol. 8, No. 6, September 2010
   3. Write Implementation program .                                           [37]:
                                                                           http://192.168.100.3:8443/wsrf/services/TriggerService
                                                                               [38]:
   4.Create deploy-server.wsdd                                             http://192.168.100.3:8443/wsrf/services/gsi/AuthenticationS
   [globus@g20 service]$ vi deploy-server.wsdd                             ervice
                                                                               [39]:
                                                                           http://192.168.100.3:8443/wsrf/services/TestRPCService
   5.Create deploy-jndi-config.xml
                                                                               [40]:
   [globus@g20 service]$ vi deploy-jndi-config.xml                         http://192.168.100.3:8443/wsrf/services/ManagedMultiJobSe
                                                                           rvice
   6.Build the service                                                         9.Write Client Program for authentication.
   [globus@g20 ~example]$ sh globus-build-service.sh -d                        10. Before running the compiler, make sure to run the
org/add/service/ -s schema/add/hello.wsdl                                  following:
   7. After the successful building Grid Archive(GAR) file                     source $GLOBUS_LOCATION/etc/globus-devel-env.sh
has been created. Now we have to deploy the GAR file using                     The globus-devel-env.sh script takes care of putting all
globus-deploy-gar command.                                                 the Globus libraries into your CLASSPATH.
   [globus@g20~example]$                         globus-deploy-gar             [globus@gcluster example]$ source /usr/local/globus-
org_add_service.gar                                                        4.0.7/etc/globus-devel-env.sh
   8. After successful deployment of the GAR file start the                   11.[globus@gcluster                 example]$                  javac
globus container.                                                          org/add/client/Client.java
   [globus@g20 ~]$ globus-start-container                                     12.         [globus@gcluster             example]$              java
                                                                           org/add/client/Client




                                                                                                     Fig 3. GUI – Valid User
             Fig 2. GUI – Server side authentication

    [35]:
http://192.168.100.3:8443/wsrf/services/DefaultTriggerServi
ce
   [36]:
http://192.168.100.3:8443/wsrf/services/TrigonBasedAuth
enticationService




                                                                     183                              http://sites.google.com/site/ijcsis/
                                                                                                      ISSN 1947-5500
                                                                        (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                       Vol. 8, No. 6, September 2010
                                                                                          lib/enus/dnglobspec/html/wssecureconversation.asp (accessed on
                                                                                          2002).
    The user is invalid since the username and password                            [7]    Eastlake, D. and Reagle, J. (Eds.) (2002) XML Encryption Syntax
haven’t stored in authentication and backend file. First time                             and      Processing.     W3C       Recommendation,       available     at
when user login his/her trigon value of the password gets                                 http://www.w3.org/TR/xmlenc-core/ (accessed on December 2002).
stored in the respective files. Next time when they login they                     [8]    Foster. I., Kesselman. C. and Tuecke. S, “The Anatomy of the Grid:
gets authenticated and token gets issued .                                                Enabling Scalable Virtual Organizations”, International Journal of
                                                                                          High Performance Computing Applications”, vol. 15, no.3, pp. 200-
                                                                                          222, 2001.
                                                                                   [9]    I. Foster, C. Kesselman, J. Nick, and S. Tuecke. The physiology of
                                                                                          the grid: An open grid services architecture for distributed systems
                        IV.    CONCLUSION                                                 integration, 2002.
                                                                                   [10]   I. foster, Argonne National Laboratory and the University of Chicago
                                                                                          ,carl kesselman, Information Sciences Institute, University of
    The Internet is a reasonable model for the Grid, providing                            Southern California ”THE GRID 2 blueprint for a new computing
both an early version of its services and a platform from                                 infrastructure”,2004
which to evolve. The authentication protocol, proposed here,                       [11]   Graham, S., Simeonov, S., Boubez, T. etc, “Building Web Service
enhanced the grid security as the authentication mechanism                                with Java: Making Sense of XML, SOAP, WSDL and UDDI”,
                                                                                          Indianapolis, IN: Sams Publishing, 2002.
utilized two servers for authentication. This simple trigon
                                                                                   [12]   Gudgin, M., Hadley, M., Mendelsohn, N., Moreau, J-J. and Nielsen,
concept utilization in the authentication protocol introduced a                           H.F. (2003) SOAP Version 1.2 Part 1: Messaging Framework. W3C
novel and revolutionary idea in the authentication                                        Recommendation, Available at http://www.w3.org/TR/soap12-part1/
mechanism as well as in grid environment. The                                             (accessed on June 2003).
implementation of our dual authentication protocol showed                          [13]   Grid         Archive         Creation:        http://gdp.globus.org/gt4-
its effective performance in pinpointing the adversaries and                              tutorial/multiplehtml/ch08s02.html.
paving the way to valid users for access with the VO for                           [14]   G. Laccetti and G. Schmid, "A framework model for grid security”,
resource sharing. So by hosting this authentication as a                                  Future Generation Computer Systems, vol. 23, no. 5, pp.702-713,
                                                                                          June 2007.
service it make the grid environment more secure. In future
these services will be located by type instead by names.                           [15]   Li, Y., Jin, H., Zou, D., Chen, J. and Han, Z. (2007) ‘A scalable
                                                                                          service scheme for secure group communication in grid’, 31st Annual
                                                                                          International Computer Software and Applications Conference
                                                                                          (COMPSAC 2007).
                      ACKNOWLEDGMENT                                               [16]   Li, Y., Jin, H., Zou, D., Liu, S. and Han, Z. (2008) ‘An authenticated
                                                                                          encryption mechanism for secure group communication in grid’, 2008
                                                                                          International Conference on Internet Computing in Science and
    Our thanks to Dr.R.Rudramoorthy,Principal,PSG                                         Engineering.
College of Technology and Mr.K.Chidambaram, Director,                              [17]   Li Hongweia, Sun Shixina and Yang Haomiaoa, “Identity-based
Grid and Cloud systems group, Yahoo software                                              authentication protocol for grid”, Journal of Systems Engineering and
                                                                                          Electronics, Vol. 19, no. 4, pp.860-865, August 2008.
development, India Private Limited for their support. This
                                                                                   [18]   Nagaratnam, N., Janson, P., Dayka, J., Nadalin, A., Siebenlist, F.,
project is carried out in Grid and Cloud lab, PSG College of                              Welch, V., Foster, I., and Tuecke, S., Security architecture for Open
Technology.                                                                               Grid            Services,          2002.           Available           at
                                                                                          www.globus.org/ogsa/Security/draft-ggf-ogsa-sec-arch-01.pdf.
                                                                                   [19]   Open Grid Services Architecture Data Access and Integration
                                                                                          (OGSA-DAI) Project: www.ogsa-dai.org.uk.
                           REFERENCES
                                                                                   [20]   K. Rochford, B. A. Coghlan, and J. Walsh. An agent-based approach
                                                                                          to grid service monitoring. In Proc. International Symposium on
[1]   S. Albayrak, S. Kaiser, and J. Stender. Advanced grid management                    Parallel and Distributed Computing (ISPDC 2006), July July, 2006.
      software for seamless services. Multiagent Grid Syst., 1(4):263.270,         [21]   Shirasuna, S., Nakada, H., Matsuoka, S., and Sekiguchi, S.,
      2005.                                                                               Evaluating Web services based implementations of GridRPC, in 11th
[2]   Andrew Johnson, Carl Kesselman, Jason Leigh, and Steven Tuecke,                     IEEE International Symposium on High Performance Distributed
      Application Experiences with the Globus Toolkit, Seventh IEEE                       Computing, Edinburgh, Scotland. IEEE Computer Society Press, Los
      International Symposium on High Performance Distributed                             Alamitos, CA, 2001.
      Computing (HPDC-7 ... T).                                                    [22]   Siebenlist, F., Welch, V., Tuecke, S., Foster, I., Nagaratnam, N.,
[3]   Antonioletti, M., and Jackson, M., OGSA-DAI Product Overview,                       Janson, P., Dayka, J., and Nadalin, A., Roadmap towards a secure
      2003. Available at www.ogsa-dai.org.uk/downloads/docs/OGSA-                         OGSA. Global Grid Forum, draft, 2002.
      DAI-USER-M3-PRODUCTOVERVIEW.pdf.                                             [23]   Shengxian Luo, Xiaochuan Peng, Shengbo Fan Peiyu Zhang,Study on
[4]   Christensen, E., Curbera, F., Meredith, G., and Weerawarana, S., Web                Computing         Grid     Distributed     Middleware        and      Its
      Services Description Language (WSDL) 1.1, W3C, Note 15, 2001.                       Application,International Forum on Information Technology and
      Available at www.w3.org/TR/wsdl.                                                    Application,2009.
[5]   K. Czajkowski, A. Dan, J. Rofrano, S. Tuecke, and M. Xu.                     [24]   Thatte, S., XLANG, Web services for business process design Web
      Agreement-based grid service management (ogsiagreement),                            site,                      Microsoft                        Corporation.
      Proceedings of 6th IEEE/ACM International Workshop on Grid                          www.gotdotnet.com/team/xml_wsspecs/xlang-c/default.htm..
      Computing (Grid2005).                                                        [25]   Ian Foster ,Carl Kesselman,The Globus Project: A Status Report, 5th
[6]   Della-Libera, G. et al. (2002) Web Services, Secure Conversation                    IEEE Symp. on High. Performance Distributed Computing.
      Languages (WS-Secure Conversation). Version 1.0, available at                [26]   H.-L. Truong, R. Samborski, and T. Fahringer. Towards a framework
      http://msdn.microsoft.com/library/default.asp?url=/                                 for monitoring and analyzing qos metrics of grid services. In E-
                                                                                          SCIENCE '06: Proceedings of the Second IEEE International




                                                                             184                                    http://sites.google.com/site/ijcsis/
                                                                                                                    ISSN 1947-5500
                                                                         (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                        Vol. 8, No. 6, September 2010
       Conference on e-Science and Grid Computing, page 65, Washington,             Cloud Computing. She has presented 1 paper in National Conference. She
       DC, USA, 2006. IEEE Computer Society.                                        is the Best Outgoing Student in MTech 2010-2011 in PSG College of
[27]   UDDI. The UDDI technical white paper, http://www.uddi.org/, 2000.            Technology. You may contact her at dhaarinimp@gmail.com
[28]   Von Welch, Frank Siebenlist, Ian Foster, John Bresnahan, Karl
       Czajkowski, Jarek Gawor, Carl Kesselman, Sam Meder, Laura
       Pearlman and Steven Tuecke, “Security for Grid Services”, in
       proceedings of the 12th IEEE International Symposium on High
       Performance Distributed Computing, pp.48- 57, June 2003.
[29]   W3C Note "Web Services Definition Language (WSDL) 1.1",
       http://www.w3.org/TR/WSDL.
[30]   W3C       Note    “Simple    Object    Access      Protocol(SOAP)
       1.1”,http://swww.w3.org/TR/WSDL.




                       AUTHORS PROFILE

                        Dr G Sudha Sadasivam is working as a
                        Professor in Department of Computer Science and
                        Engineering in PSG College of Technology,
                        India. Her areas of interest include, Distributed
                        Systems, Distributed Object Technology, Grid
                        and Cloud Computing. She has published 20
                        papers in referred journals and 32 papers in
                        National and International Conferences. She has
                        coordinated two AICTE – RPS projects in
Distributed and Grid Computing areas. She is also the coordinator for PSG-
Yahoo Research on Grid and Cloud computing. You may contact her at
sudhasadhasivam@yahoo.com


                        V Ruckmani received B. Sc, MCA and M. Phil
                        degrees from the department of computer science,
                        Bharathiar University, India in 1994, 1997 and
                        2003 respectively. She is currently pursuing the
                        Ph. D degree, working closely with Prof. G.
                        Sudha Sadasivam. From 1997 to 2000 she worked
                        at PSG College of Arts and Science in the
                        department of Computer Science. Since
                        December 2000 she is working as a senior
                        lecturer in Department of Computer Applications
in Sri Ramakrishna Engineering College, India. She works in the field of
Grid Computing specializing in the area of security. You may contact her at
ruckmaniv@yahoo.com



                       K Anitha Kumari received BE(CSE) from
                       Department of Computer Science ,Avinashilingam
                       Deemed University and ME(SE) from Department
                       of Computer Science ,Anna University. She is
                       working as a Lecturer in Department of Information
                       Technology in PSG College of Technology, India.
                       Her areas of interest include Grid and Cloud
                       Computing. She has published 1 paper in referred
                       international journal and 5 papers in National and
International Conferences. She is the Best Outgoing Student in ME 2010-
2011 in PSG College of Technology. She awarded Gold Medal in BE(CSE)
in Avinashilingam Deemed University . You may contact her at
anitha.psgsoft@gmail.com


                         M P Dhaarini received BTech(IT) from
                         Department of Information Technology ,Anna
                         University and MTech(IT) from Department of
                         Information Technology, Anna University. She is
                         working as a Lecturer in Department of
                         Information Technology in PSG College of
                         Technology, India. Her areas of interest include




                                                                              185                               http://sites.google.com/site/ijcsis/
                                                                                                                ISSN 1947-5500

				
DOCUMENT INFO
Description: IJCSIS is an open access publishing venue for research in general computer science and information security. Target Audience: IT academics, university IT faculties; industry IT departments; government departments; the mobile industry and computing industry. Coverage includes: security infrastructures, network security: Internet security, content protection, cryptography, steganography and formal methods in information security; computer science, computer applications, multimedia systems, software, information systems, intelligent systems, web services, data mining, wireless communication, networking and technologies, innovation technology and management. The average paper acceptance rate for IJCSIS issues is kept at 25-30% with an aim to provide selective research work of quality in the areas of computer science and engineering. Thanks for your contributions in September 2010 issue and we are grateful to the experienced team of reviewers for providing valuable comments.