In an important test of datagrid technology, members of the D0 collaboration at Fermilab have successfully communicated across the Atlantic with colleagues in the UK. The aim of the grid is not only to make it possible to access data remotely on different machines, but also to enable data processing to take place on remote machines.
A vital first step in achieving this goal is to allow individuals wishing to access the grid to identify themselves and show that they are authorized users. A two-way trust must be established between the individual and the machine that is being used.
In the tests, carried out in February, Fermilab exchanged files with Lancaster University, UK and Imperial College, London, after the transfers had been authenticated using certificates issued by the Department of Energy ScienceGrid and the UK High Energy Physics Certificate Authority.
The “firewalls” installed in many computer systems are making it increasingly difficult to access computers remotely, which is the antithesis of the philosophy behind the grid. The authentication system is intended to provide a means of allowing secure access so that the grid can operate effectively. In February’s tests the certificates were used to establish trust between users and machines at Fermilab, Imperial College and Lancaster.
Although in this case the users were members of the same collaboration, the transfers took place as though the users were completely unknown to one another. This approach was used to test the Globus Toolkit – the software tool that was used to build the authentication system.
This software is currently being developed by the US-based Globus Project to bring about the higher level of computer access that will be essential if the grid is to fulfil its promise in a wider context.