[Pgi-wg] Wiki Matrix
mineo
mineo at riken.jp
Fri Apr 3 03:36:32 CDT 2009
Hi PGI-wg team,
Wiki Matrix of "Technical survey in security aspect" is to be revised as follows in case of NAREGI.
Please note that NAREGI has not yet implemented BES, and now we are looking for the best way to support both BES and NAREGI services in our middleware.
-----------------------------
Transport layer security: TLS/SSL ->ditto
HTTP layer security: Https,Httpg ->ditto
SOAP layer security: none ->ditto
X.509 Credential: X.509 Proxy ->ditto
Capability to consume Proxy: ->Proxy certificate chain verification on client and service side
X.509 Credential delegation: ->Pluggable module or library for credential delegation on both client and service side, and Delegation Service (planed)
X.509 proxy restriction: ->TBD
Capability to enforce restriction: ->TBD, The restriction policy will be enforced on service side
Attributes as proxy extension: Attribute Certificates ->ditto
Capability to consume AC: AC will be verified, and used for access control on both meta scheduler and service side
Attributes embedded in SOAP header: SAML Assertions ->none (not planned)
Capability to consume SAML Assertion: ->none (not planned)
Authorization policy: GridMap /XACML 2 ->ditto
---------------------------------
Best regards,
Mineo
--
Shinichi Mineo
RIKEN
tel : 048-467-9741
e-mail : mineo at riken.jp
More information about the Pgi-wg
mailing list