BPEL is the de-facto standard for business process modeling in today\\\'s enterprises and is a promising candidate for the integration of business and Grid applications. While BPEL works well for traditional web services, it has a number of drawbacks with respect to the more complex world of WSRF-based Grid computing, especially where security is concerned. In this paper, a solution that extends the BPEL security approach to encompass secure Grid application interactions is presented. The proposed approach is capable of handling both web service and Grid service resources and their corresponding security mechanisms. The BPEL language is extended by security-related settings. An implementation of a GSI-compliant BPEL engine that can also manage the lifetime of proxy certificates is presented.

1. Composition and Execution of Secure Workflows in WSRF-Grids Tim Dörnemann, Matthew Smith, Bernd Freisleben Department of Mathematics & Computer Science University of Marburg, Germany {doernemt, matthew, freisleb}@informatik.uni-marburg.de

4. Sample Application (Biz2Grid) Distributed Meshing in Computer Aided Engineering

5. Sample Application (InGrid) Metal Casting: Numerical simulations are performed to substitute the expensive and time-consuming building processes for physical tools and prototypes (Simulation of a motor piston)

11. Security in Grid Workflows

16. Integration of MyProxy solution SOAP-Client Username=doernemt password=XXXXX HTTPS MyProxy Server R equest Proxy (TLS) Secure Grid Service A renew Renew Proxy (TLS) Secure Grid Service B

20. BPEL Engine – Security Extensions

22. ViGO-Wizards Creation of new elements (here: invocation of Grid service) using wizards

23. Defining Security Settings Graphically

24. Adaptive Detail View

25. Monitoring of Running Processes Detail view

27. Performance Results Results for integrity (message signing)

28. Performance Results Results for privacy (message encryption)

29. Performance Results Integrity (Signing of messages) Encryption (Encryption of messages)

31. That‘s it... Thank You! Questions?

33. call create deploy create create deploy Workflow Engine execute GDT Workflow Workflow Editor User Certifi-cate GDT Certificate Tools Grid Service Grid Application Development Lifecycle public class SwABenchmark { @GridAttribute private long rt = 0; @GridMethod public void testA(Ref a) { … rt = System.nanoTime()-st; } } Generate Service.gar Package

34. Grid Development Tools (GDT) Model-Driven Development of Grid Services (IBM Eclipse Innovation Award, 2005; Globus Incubator Project, 2006) public class SwABenchmark { @GridAttribute private long rt = 0; @GridMethod public void testA(Ref a) { … rt = System.nanoTime()-st; } } Generate Deploy Service.gar Package

35. Extension to the ActiveBPEL Engine

36. BPEL W.M. Tool – High-Level Architecture