[saga-rg] Re: SAGA and Security

[Andre Merzky]

Hi group, 

we managed to corner the Security Area ADs at GGF in Athens,
and to get some statements from them in respect to:

  "What security paradigms are generically available in
   Grids, and what should be exposed to the end user?"

Well, their answer was basically, that there is no agreed
upon approach in the scope of GGF, so, the best we can do is
to look at Grid implementations, and abstract/generalize
their security paradigms.

A viable approach in their opinion would be to base security
settings on strings, and allow the implementation to interpret
them accordingly.  That approach is very close to what we
have right now for sessions, and what we want to have for
streams.

Shantenu and I discussed that shortly, and would like to
propose as follows:

  - for the time being, keep security  out of the API where
    not absolutely necessary
  - where absolutely necessary (case by case), keep exposure
    of security paradigms simple and generic

I think the notion of context that we have in the SAGA API fits
that approach well:  by default they are invisible.

We would be happy to get comments, also from the Cc'ed
Security ADs (hope we interpreted your answer correctly).

Cheers, Andre & Shantenu.


-- 
"So much time, so little to do..."  -- Garfield