[Pgi-wg] OGF PGI - Security Model
Steven Newhouse
Steven.Newhouse at cern.ch
Thu Mar 26 13:16:08 CDT 2009
> Having to build
> adapters to translate (if possible) credentials in different formats
is
> a compromise which is more reasonable than having to wait for all the
> middlewares of the world to move towards a common security
> infrastructure.
In the short term... documenting and defining the 2 or 3 security models
is real progress. If a service only supports one of these I do not see
this as a problem - for all the reasons given. Providing credential
translation services to provide 'shims' (or bridges between these
islands) as an interim solution makes this work. Its a low risk to
individual services - they maintain their current stability - and can
migrate over time to support both or the most 'popular' one - let the
market decide!
Each service can then advertise the mechanisms it supports and clients
can locate credential translation services as required.
More information about the Pgi-wg
mailing list