[Pgi-wg] OGF PGI - Security Model
Laurence Field
Laurence.Field at cern.ch
Thu Mar 26 11:01:56 CDT 2009
Hi Duane,
I think that this is going to be the case, at least in the short term.
The overall aim is to have interoperable infrastructures, at least to
the point which is required by the use cases they have to support.
However, if this hasn't happened in over 8 years of OGF, I don't think
one working group can achieve it in 18 months.
The security model is the fundamental building block that needs to be
agreed but we are very far from achieving this goal. What we can do is
cluster around certain security models and move forward in other areas.
The VOMS-style approach is one such cluster and we need to have a way of
using this with BES. Others may need to define a way of working with
SAML and BES etc. As you said, we can define these as separate profiles
and point the cluster to the respective documents. Job Done.
Grid Islands will still be around but they will be larger and closer. We
are attempting to bridge these islands one stepping stone at a time.
BES is one more stone we would like in the water.
Laurence
Duane Merrill wrote:
> Forgive me for pushing my logic to the extreme; I do realize that
> ARC/gLite/Naregi are similar enough that they could be congealed to
> constitute a "grid island" with some degree of effort.
>
> My point is that the working group is still faced with a crisis of
> identity: it is not about "production grid interoperability", but
> rather about "A-type interoperability", "B-type interoperability",
> "C-type interoperability" where {A, B, C, etc.} is the set of
> credentialing schemes that, depending on the effort we are willing to
> invest, may number as many as there are different middleware
> implementations (no effort), or as few as one integrated scheme.
>
> The operative phrase being "the amount of effort we are willing to
> invest". Perhaps we should survey /that/.
>
> -Duane
More information about the Pgi-wg
mailing list