Trust issues in shibboleth-enabled federated grid authentication and authorization infrastructures supporting multiple grid middlewares
In Germany's D-Grid project numerous Grid communities are working together to develop a common overarching Grid. One major aim of D-Grid is thus to integrate the existing Grid deployments and make them interoperable. The major challenge in this endeavor lies in the heterogeneity of the current implementations: Three Grid middleware and different VO management approaches have to be orchestrated to achieve the intended interoperability. This paper presents some of the findings of the IVOM project regarding VO management technologies. Furthermore, options are discussed for making Shibboleth federations and VO management systems interoperable so that attributes from both sources can be used for authentication and authorization in Grids. Finally two approaches, one using a so called "trust proxy" and one without trust proxying, are presented and support by current Grid middleware is discussed.