[Pgi-wg] Discussion about elements/priorities in the field of security
Morris Riedel
m.riedel at fz-juelich.de
Tue Mar 17 06:17:35 CDT 2009
Hi PGI security folks,
currently I see five major elements in terms of security related to PGI:
(1)
Authentication/Attribute-based Authorization (i.e. plumbings as named
earlier), maybe first push-based before looking at pull-based models -
although, this of course, can be discussed as well among us.
(2)
Agreement on Definition/Semantics/Structure of Attributes
(3)
Encoding of delegation restriction/constraints
(4)
Interface of delegation service (maybe based on subset of WS-Trust)
(5)
Agreement on third party credentials transportation (e.g. a delegated
GridFTP proxy/SAML assertion-based access for data-staging during BES
submissions)
As a starting point - have I forgot something in this enumeration? If so -
please answer to this thread.
In terms of priorities, I would suggest to focus first on number one, but of
course feel free to comment within this thread.
Your co-chair,
Morris
P.S. I cc'ed the area director of security (David Groep) to ensure that we
did not duplicate efforts done elsewhere (i.e. in the OGSA-AuthZ group). We
have been in touch about a few security issues raised in GIN earlier. CIAO.
------------------------------------------------------------
Morris Riedel
SW - Engineer
Distributed Systems and Grid Computing Division
Jülich Supercomputing Centre (JSC)
Forschungszentrum Juelich
Wilhelm-Johnen-Str. 1
D - 52425 Juelich
Germany
Email: m.riedel at fz-juelich.de
Info: http://www.fz-juelich.de/jsc/JSCPeople/riedel
Phone: +49 2461 61 - 3651
Fax: +49 2461 61 - 6656
Skype: MorrisRiedel
"We work to better ourselves, and the rest of humanity"
Sitz der Gesellschaft: Jülich
Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498
Vorsitzende des Aufsichtsrats: MinDirig'in Bärbel Brumme-Bothe
Vorstand: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3550 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/pgi-wg/attachments/20090317/7ec46b12/attachment.bin
More information about the Pgi-wg
mailing list