[OGSA-AUTHZ] OGSA-Authz-WG draft meeting minutes: OGF Jan 29 session

[David Chadwick]

Hi Takuya

I have uploaded them to the forge at

http://forge.gridforum.org/sf/docman/do/listDocuments/projects.ogsa-authz/docman.root.meeting_minutes

regards

David

Takuya Mori wrote:
> Hi Von, David,
> 
> Please find my slides in the attachement.
> 
>>> * Takuyi Mori presentation on NAREGI Authz Service and NAREGI XACML
> 
> Please correct my name to "Takuya Mori".
> Thank you,
> 
>>>  profile Slides will be sent to the email list SAML 2.0 and XACML 2.0
>>> based Uses GT authz framework Profile between Authz service client
>>> (in GT4) and Authz CVS Handles VOMS AC's and passes to Authz service 
>>> Presented mapping of attributes from X.509 EEC/VOMS AC into XACML 
>>> Resource Attribute Filtering Mechanism (RAFM) - Reference properties,
>>>  XACML profile has Subject, Resource and Action attributes
>> There is an issue as to how a resource's attributes are obtained by the
>> PEP. If the user submits them to the PEP there is a potential trust
>> issue here, and the attributes will need to validated by the CVS. If the
>> PEP obtains them itself from a local store this is not an issue.
> 
> Yes, this is an open issue.  I'll write the detail on the RAFM
> and send it to the list.
> 
> ----
>     Takuya Mori
>     moritaku at bx.jp.nec.com / tk-mori at isd.nec.co.jp
>     System Platform Software Development Division
>     NEC Corporation, Tokyo Japan

-- 

*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://sec.cs.kent.ac.uk
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5

*****************************************************************