[ogsa-wg] Minutes of OGSA-WG Thursday morning slot 1 security discussion 15 Feb 2007

Alan Sill Alan.Sill at ttu.edu
Thu Feb 15 08:04:59 CST 2007 

OGSA WG teleconference Thursday 15 Feb 2007 Slot 1, -7:00-08:00  
Centtral US time

Attending:
Hiro Kishimoto
Andreas Savva
Andrew Grimshaw
Alan Sill

1) Early discussion (10 min)
          Note taker assignment - Alan Sill
          Roll call - as above
          Agenda bashing - Andrew suggested an alternate agenda /  
list of topics as in 2) below:


2) Security discussion (Alan Sill and Andrew Grimshaw 50 min)

OGF19 security session minutes approval
- https://forge.gridforum.org/sf/go/doc14164
Deferred due to current lack of quorum.  Security action item review  
also referred to later meeting.

Andrew proposed the following topics for further work and discussion

a. Need for short-term decision on basic client authentication.

b. Need for rapid agreement on how to indicate authentication methods  
that are supported by a service.

c. Longer term discussion on authentication and delegation (OGSA- 
AuthN/AuthZ).

d. Discussion on HPC profile in context of above.

This is a long-term list, so discussion can only start here.

Andrew explained that the HPC profile group included username/ 
password access to allow for the range of practice that they saw in  
use in clusters used in industry.  The underlying systems in use in  
industry often use this in preference to other mechanisms (X.509,  
Kerberos, etc.) that are available.  Alan agreed that this is  
valuable input.  One approach would be to accept the HPC profile as  
input into the OGSA-AuthN Community Practice document, along with  
input from the Levels of Assurance RG.

The goal at hand is to define the relationship between various  
security approaches and profiles and the OGSA definition of keys and  
tokens to be used in web services.  GSI appears to be the base for  
implementations of most academic and large-scale international grids  
(EGEE, LCG, Open Science Grid, etc.) for access to both pre-WS and WS- 
based grid services.  A short-term action item would be to locate and  
document the standards that underly such implementations.

Other near-term action items:

- Andrew will contact Ian Foster to obtain references for any  
standards or  implementation reference documents that underly GSI and  
GRAM4.

- Alan will contact Jim Basney to find references he referred to in  
the OGSA-AuthN OGF-19 session.

Hiro proposed moving the security discussions to Monday afternoons  
(Central time) to enable wider participation.  This was agreed.

Sincerely,

Alan Sill, Ph.D
TIGRE Senior Scientist, High Performance Computing Center
Adjunct Professor of Physics
TTU

====================================================================
:  Alan Sill, Texas Tech University  Office: Admin 233, MS 4-1167  :
:  e-mail: Alan.Sill at ttu.edu   ph. 806-742-4350  fax 806-742-4358  :
====================================================================

More information about the ogsa-wg mailing list