GEO Grid on earth observation offers various data in an IT environment for safe and secure use by enterprises and research communities. Following key features of the IT environment must be fulfilled to realize GEO Grid.

Virtual Organization (VO)

In order to respecting data owner's publication policies, the GEO Grid system introduces the concept of a virtual organization (VO), for its design, in which various data and computing resources are provided as services represented by standard protocols. A VO is a dynamic collection of individuals, institutions, and resources, in which sharing of data, computers, software, and other resources are highly controlled, with resource providers and consumers defining clearly and carefully just what is shared, who is allowed to share, and the conditions under which sharing occurs. Following figure illustrates an overview of the GEO Grid VO design in which data services, processing services, and users each form VOs for their own purposes, such as disaster mitigation, weather prediction, or natural resource exploration. A VO is created dynamically by integrating available services and resources according to the interests and requirements of the VO.

Database federation

In order to achieve database federation that can integrate various kinds of distributed data, the infrastructure should not only support the OGC standards, but should also be based on a distributed, scalable, and secure framework. Our approach in GEO Grid is to provide database functionalities based on middleware called OGSA-DAI (Data Access and Integrations). OGSA-DAI is a service-based database access software based on a Web service infrastructure, such as WSRF or SOAP. The development is now a part of UK OMII (Open Middleware Infrastructure Institute) project. By using OGSA-DAI, we can accomplish the VO level authorization of OGSA-DAI. VOMS (VO Membership service) authorization which we adopted in GEO Grid will be supported in newest OGSA-DAI version.

Security

The GEO Grid system uses GSI (the Grid Security Infrastructure) and VO-level authorization mechanisms which are interoperable security architecture between OGC/OGF. The most prominent feature of our design is that our framework is scalable in terms of the number of users, organizations, and resources. Most procedures required for security are automated and only critical operations are left to each entity's hand. On the other hand, our framework does not eliminate existing services which provide GEO scientists with free content. In addition to the GSI, anonymous access, basic username/password authentication, and Public Key Infrastructure (PKI) can be used, according to the requirements of resource owners. GSI, the standard technology for security in the grid, is a public-key-based, X.509 compliant system that relies on trusted third parties for signing user, host, and service certificates. On the GEO Grid system, users are mapped to accounts of geologists and hosts, and services are mapped to the resources, such as computers, storage, databases, application services, and so on. GSI takes care of user- and resource-side security in authentication, authorization, and communication.