[saga-rg] Subject: BOUNCE saga-rg at ggf.org: Non-member submission from [Dane Skow
Shantenu Jha
s.jha at ucl.ac.uk
Mon Feb 13 04:09:45 CST 2006
From: Dane Skow <skow at mcs.anl.gov>
Subject: Re: SAGA and Security
Date: Mon, 13 Feb 2006 11:54:43 +0200
Hi Andre,

I have some reservations with this summary of our discussion but as I
indicated, I think I don't understand the scope/abstraction levels
you are after. We seem to be mixing several things here in this
discussion. I believe you've been talking primarily with Olle so
perhaps it's my confusion. I will try to attend your session at 10:30
on Wednesday, though it conflicts with the CAOPs session we'll also
need to cover.

Within the OGSA architecture in GGF we can make some simplifying
statements about a common paradigm. However, if the goal is to
provide an API generic across ANY Grid infrastructure, the task is
more difficult.

We can also make simplifications if one assumes the API is for
accessing Grid services and does not expect to efficiently adapt to
local communications between individual users.

I'm having a hard time understanding whether the desire is to
understand "the" common grid security model (there are some things we
can say pretty broadly now for the common ones in GGF: x509
credentials are the common denominator for grid identification/
authentication, etc), to find/build a common library set for building
tools to implement common security goals in applications (e.g. set/
read an ACL for accessing a file/service, etc), or to identify what
the elemental security actions are for a broad set of grid services.

As I mentioned in our talk, I believe we have lessons to learn here
from how IETF has handled the job of integrating security into
application/protocol design. The answer is clearly NOT to have
external experts come in and "sprinkle security pixie dust" (not what I
understand you to be asking for by the way), but rather to
consolidate on a common toolkit of security tools/protocols that are
well understood/reviewed and have developers consider possible abuses
of their protocols/services/software. Somehow we need to figure out
how to make this work in GGF. I (and I'll bet Olle) will be happy to
work with you on how to make this happen.

Cheers,
Dane
On Feb 13, 2006, at 10:58 AM, Andre Merzky wrote:
> Hi group,
>
> we managed to corner the Security Area ADs at GGF in Athens,
> and to get some statements from them in respect to:
>
> "What security paradigms are generically available in
> Grids, and what should be exposed to the end user?"
>
> Well, their answer was basically, that there is no agreed
> upon approach in the scope of GGF, so, the best we can do is
> to look at Grid implementations, and abstract/generalize
> their security paradigms.
>
> A viable approach in their opinion would be to base security
> settings on strings, and allow the implementation to interpret
> them accordingly. That approach is very close to what we
> have right now for sessions, and what we want to have for
> streams.
>
> Shantenu and I discussed that shortly, and would like to
> propose as follows:
>
> - for the time being, keep security out of the API where
> not absolutely necessary
> - where absolutely necessary (case by case), keep exposure
> of security paradigms simple and generic
>
> I think the notion of context that we have in the SAGA API fits
> that approach well: by default they are invisible.
>
> We would be happy to get comments, also from the Cc'ed
> Security ADs (hope we interpreted your answer correctly).
>
> Cheers, Andre & Shantenu.
>
>
> --
> "So much time, so little to do..." -- Garfield
>