[ogsa-wg] Taverna workflows
Donal K. Fellows
donal.k.fellows at manchester.ac.uk
Thu Jul 5 09:14:31 CDT 2007
Stephen M Pickles wrote:
> Support for security in Taverna is, as Donal says, ongoing work.
>
> However, at least one group is using Taverna to invoke secured
> services today. AstroGrid takes advantage of Taverna's plug-in
> technology to retrieve the necessary credentials to invoke a secured
> service from the "AstroGrid Runtime", a stateful service local to the
> user's desktop. This works fine for AstroGrid.
I've had a discussion with June Finch here about quite a lot more detail
in relation to Taverna's security and I've got a couple of interesting
points:
1) There's actually a lot of different security stuff going on around
Taverna, but much of it is (helpfully) unpublished or specific to a
particular project. (In some cases, username+password is what users
are using, and we all know how *that* sucks...)
2) They lack use-cases (something I'm going to be able to help them
with) and standards for how to handle security at a generic level.
I suspect that they will benefit very strongly from the Express
Authentication efforts, since it will cut through much of the
thicket of confusion.
Amazing how writing up things draws out comments from people. ;-)
Donal.
More information about the ogsa-wg
mailing list