The decentralized, loosely-coupled nature of Grid computing poses many security challenges that range from the prevention of unauthorized behavior to the achievement of interoperable communication. Security is a crosscutting aspect of Grid computing that must be considered by communities working at all architectural levels, i.e. standards bodies, middleware software designers, site administrators, and the users who create and manage Grid resources and applications. In today’s climate of burgeoning Grid standardization, the middleware architect is uniquely positioned to impact both the standards and user communities.

In this work, we present the security architecture for the Genesis II project, an open source, standards-based Grid middleware implementation designed to support both high-throughput computing and secure data sharing. Our security architecture provides an extensible set of security services and related mechanisms that are intended to accommodate user and administrator needs, including features for secure communication, single sign-on, delegation of identity and rights, and support for diverse credential infrastructures and authorization schemes. We have worked within the Open Grid Forum (OGF) standards community to develop two new security profiles promoting interoperability among diverse middleware implementations: the Secure Communication and Secure Addressing profiles. Our security architecture leverages these two profiles to foster the discovery of secure communication requirements of Grid resources.