Security in a Replicated Metadata Catalogue

The gLite-AMGA metadata has been developed by NA4 to provide simple relational metadata access for the EGEE user community. As advanced features, which will be the focus of this presentation, AMGA provides very fine-grained security also in connection with the built-in support for replication and federation of metadata. AMGA is extensively used by the biomedical community to store medical images metadata, digital libraries, in HEP for logging and bookkeeping data and in the climate community. The biomedical community intends to deploy a distributed metadata system for medical images consisting of various sites, which range from hospitals to computing centres. Only safe sharing of the highly sensitive metadata as provided in AMGA makes such a scenario possible. Other scenarios are digital libraries, which federate copyright protected (meta-) data into a common catalogue. The biomedical and digital libraries have been deployed using a centralized structure already for some time. They now intend to decentralize their activity to increase reliability and scalability without cutting back on security. The deployed systems make use of the EGEE workload management system; the biomed use-case has to schedule jobs to run over the stored data; and both the biomed use-case and the digital library one use a file-catalogue and the storage elements. Security in a replicate environment is a very complex problem, because it requires the nodes to establish some sort of trusted relationship. We will show how these problems have been tackled, which may be of interest also for other services in a Grid environment.