End-to-End Security Software component for securing Grid and Web services
The E2ESecurity software component is designed to be seamlessly integrated into Grid and Web services environments. It allows the policy-based securing of single services or whole service environments without introducing the need for source code modifications on neither the service-side nor the client-side (see figure). It relies on common and widely deployed Web Service Security standards such as WS-Security for secure messaging, WS-SecureConversation for the secure exchange of multiple messages within a conversation and WS-Trust for key establishment and management. Furthermore E2ESecurity supports the creation of Virtual Organisations according to a hierarchical trust model based on certificates and corresponding certification authorities.

Contribution to SIMDAT
In SIMDAT the E2ESecurity component is used for encrypting, integrity protecting and authenticating the communication between a Grid client and a Grid service from end-to-end.

The E2ESecurity component as it is available for use and integration purposes. Currently it is integrated into the Business-to-Business prototype of the pharma activity. The E2EScurity component is available under the LGPL license.

Jochen Fingberg
C&C Research Laboratories, NEC Europe Ltd.
Rathausallee 10
53757 Sankt Augustin