Scheduling services and security ticket token services in iLab interactive services
Massachusetts Institute of Technology. Dept. of Civil and Environmental Engineering.
Steven R. Lerman.
MetadataShow full item record
The iLab architecture allows students to execute laboratory experiments remotely through internet. It supports three different kinds of experiments: batched, interactive and sensor-based. The iLab Interactive Experiments architecture includes the following servers and services: the Interactive Service Broker (ISB), the Experiment Storage Service (ESS) and the Lab Server (LS). In addition, students execute interactive experiments by running a Lab Client (LC). In order to support interactive experiments which require scheduled access, the iLab interactive architecture envisions scheduling servers and services which enable students from different campuses to reserve time periods to execute experiments. Since the user side and lab side require different scheduling functionalities, a user-side scheduling server (USS) and a lab-side scheduling server (LSS) are introduced in the iLab Interactive Services to manage reservations. In the first part of this thesis, the philosophy of the scheduling services design and the implementation will be illustrated in detail. In dealing the security issues in the iLab interactive architecture, the complexity of the higher level authentication between iLab processes increases when one considers collaboration between domains. In second part of this thesis, I present a Security Token Service (STS) scheme for using WS-Security to optimize the cross-domain authentication in the iLab interactive architecture. The scheme uses the brokered authentication with a security token issued by the STS. The STS is trusted by the web applications and web services in the iLab interactive architecture to provide interoperable security tokens. A security token is used to convey the credential information and the proof of a relationship with the broker, which can be used by the service to verify the token. A comparison between the STS scheme and the current General Ticket scheme is summarized.
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Civil and Environmental Engineering, 2007.Includes bibliographical references (leaves 65-66).
DepartmentMassachusetts Institute of Technology. Dept. of Civil and Environmental Engineering.
Massachusetts Institute of Technology
Civil and Environmental Engineering.