[AuthZ] AuthZ Glossary in Public comment

Richard Sinnott ros at dcs.gla.ac.uk
Fri Nov 19 04:00:10 CST 2004 

Hi All,
A few notes/comments on the glossary. 

Some terms are not defined which, given their relevance to the area of
security, I assume that they would/should be. 

Accounting
Auditing
Authentication - (various associated terms are given authentication
credential/token, but not the term itself)
Confidentiality
Data integrity
Logging
Privacy

...also how about 
Obligation


A couple of definitions I'm not sure about.

"Service" - not sure I like this definition (and there is a problem with
definition dependencies, "service: the component that mediates access to
a 'resource'" where a 'resource' is defined as "component that provides
or hosts 'services'").

Perhaps clarity to this can be gained by answering the question of
whether a container hosting a Grid service is a resource or a service?

"Trust" - why does this include taking actions? Should it not be

"The willingness to accept the risk associated with assertions made by
other parties"


A few minor typoes 
Page 3 section "Attribute"  - ", .e.g., " drop the "."

References 
LDAP - should be "Lightweight Directory Access Protocol"


My $0.02c.
Rich

-----Original Message-----
From: owner-authz-wg at gridforum.org [mailto:owner-authz-wg at gridforum.org]
On Behalf Of Olle Mulmo
Sent: 17 November 2004 15:34
To: 'Markus Lorch'; authz-wg at gridforum.org
Subject: RE: [AuthZ] AuthZ Glossary in Public comment


Please note that the authors themselves are encouraged to provide
comments during the this process, as an indication that they have
actually read the
(whole) document and agree with it.

/Olle

-----Original Message-----
From: owner-authz-wg at gridforum.org [mailto:owner-authz-wg at gridforum.org]
On Behalf Of Markus Lorch
Sent: Friday, November 12, 2004 12:47
To: authz-wg at gridforum.org
Subject: [AuthZ] AuthZ Glossary in Public comment

Hi All,

our Authorization Glossary is currently undergoing the public comment
period. I would like to ask interested parties to read throught he
glossary document and post comments to gridforge? Even if you completely
agree and request no changes please create a gridforge comment stating
your agreement. 

The intent of the document is to capture the general meaning of the set
of terms typically used in grid authorization discussions. This will be
your last chance to request a change to the definition of authorization
terms in this document. 

You can get to the document from here:
http://www.ggf.org/Public_Comment_Docs/Public_Comment_Documents.htm

Thanks much

Markus

----------------------------------------------------------------
Markus Lorch                     
Department of Computer Science         	Phone: +1 540 231 5914
Virginia Tech, m/c 106                    Fax:	 +1 540 231 6075
Blacksburg, VA 24061, U.S.A.     http://people.cs.vt.edu/~mlorch

More information about the authz-wg mailing list