J Am Med Inform Assoc. 2008 May-Jun;15(3):363-73.
doi: 10.1197/jamia.M2662. Epub 2008 Feb 28.

Sharing data and analytical resources securely in a biomedical research Grid environment

Stephen Langella et al. J Am Med Inform Assoc. 2008 May-Jun.

Abstract

Objectives: To develop a security infrastructure to support controlled and secure access to data and analytical resources in a biomedical research Grid environment, while facilitating resource sharing among collaborators.

Design: A Grid security infrastructure, called Grid Authentication and Authorization with Reliably Distributed Services (GAARDS), is developed as a key architecture component of the NCI-funded cancer Biomedical Informatics Grid (caBIG). GAARDS is designed to support, in a distributed environment, 1) efficient provisioning and federation of user identities and credentials; 2) group-based access control, with which resource providers can enforce policies based on community-accepted groups and local groups; and 3) management of a trust fabric so that policies can be enforced based on required levels of assurance.

Measurements: GAARDS is implemented as a suite of Grid services and administrative tools. It provides three core services: Dorian for management and federation of user identities, Grid Trust Service for maintaining and provisioning a federated trust fabric within the Grid environment, and Grid Grouper for enforcing authorization policies based on both local and Grid-level groups.

Results: The GAARDS infrastructure is available as a stand-alone system and as a component of the caGrid infrastructure. More information about GAARDS can be accessed at http://www.cagrid.org.

Conclusions: GAARDS provides a comprehensive system to address the security challenges associated with environments in which resources may be located at different sites, requests to access the resources may cross institutional boundaries, and user credentials are created, managed, and revoked dynamically in a decentralized manner.

Figures

Figure 1: Example usage scenarios for Dorian. Users at Georgetown, OSU, and Duke use their institutional authentication services, while the unaffiliated user utilizes Dorian as an identity provider.
Figure 2: Grid Grouper Architecture. Group and stem creation and management can be done through a graphical user interface (Grid Grouper Admin UI) provided by the Grid Grouper infrastructure.
Figure 3: Multiple clients accessing Grid-enabled imaging services. In this setting, a client (e.g., a reviewer) needs to have Grid credentials to be able to interact with secure image services.
Figure 4: Data groups for images are organized hierarchically by patient, study, series, and image.
Figure 5: A user group's access to data can be controlled for individual patient, study, or series. Authorization is inherited by children nodes in the information hierarchy as shown here for the two patients on the right, where the user is allowed to access one patient (white documents) while disallowed from accessing the other (black documents). The inherited authorization can be overridden at a child node, as shown in the leftmost patient, where the user is allowed to access the patient, except for one study, and one series.
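
The inheritance-with-override rule in the Figure 4 and Figure 5 captions can be sketched as a nearest-ancestor lookup. This is an added example, not code from GAARDS, Grid Grouper or caGrid; the class and function names, the group name `reviewers`, the patient/study/series IDs and the default-deny behaviour when no rule applies are all assumptions made for illustration.

```python
from typing import Dict, Optional, Tuple

# Node path in the image hierarchy: (patient,), (patient, study),
# (patient, study, series) or (patient, study, series, image).
Path = Tuple[str, ...]
LEVELS = ("patient", "study", "series", "image")


class HierarchicalPolicy:
    """Explicit allow/deny rules per (group, node); children inherit."""

    def __init__(self) -> None:
        self._rules: Dict[Tuple[str, Path], bool] = {}

    def set_rule(self, group: str, node: Path, allow: bool) -> None:
        if not 1 <= len(node) <= len(LEVELS):
            raise ValueError("node path must name 1 to 4 hierarchy levels")
        self._rules[(group, tuple(node))] = allow

    def effective(self, group: str, node: Path) -> Tuple[bool, Optional[Path]]:
        """Return (decision, node whose rule decided it).

        Walk from the node up to its patient; the nearest explicit rule wins,
        so a child rule overrides what it would inherit. No rule anywhere on
        the path means deny (assumption: default deny).
        """
        node = tuple(node)
        for depth in range(len(node), 0, -1):
            decision = self._rules.get((group, node[:depth]))
            if decision is not None:
                return decision, node[:depth]
        return False, None


def build_figure5_policy() -> HierarchicalPolicy:
    """Constructed rules mirroring the Figure 5 caption (IDs are made up)."""
    policy = HierarchicalPolicy()
    policy.set_rule("reviewers", ("P1",), True)               # leftmost patient
    policy.set_rule("reviewers", ("P1", "S2"), False)         # except one study
    policy.set_rule("reviewers", ("P1", "S1", "SE2"), False)  # and one series
    policy.set_rule("reviewers", ("P2",), True)               # allowed patient
    policy.set_rule("reviewers", ("P3",), False)              # disallowed patient
    return policy


if __name__ == "__main__":
    p = build_figure5_policy()
    for n in [("P1", "S1", "SE1", "IMG1"), ("P1", "S2", "SE1"), ("P3", "S1")]:
        print(n, p.effective("reviewers", n))
```

Returning the deciding node alongside the decision lets an access log record which rule granted or refused a request.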
