[saga-rg] Re: SAGA and Security

Andre Merzky andre at merzky.net
Sun Feb 19 15:35:36 CST 2006 

Hi John, 

I'm afraid that the document does not help too much, for
several reasons.

For one, it is describing requirements - so it poses similar
questions as SAGA does, but does not provide a answer
really.

Also, it is very AG-centric - e.g. data management is only
mentioned in respect to files shared for an AG session, or
for the purpose of immersed visualization etc.  

And finally I am afraid that the ACE group went into
hibernate mode - they seem not to have picked up their
requirement document, and developed a solution on top of
that.

Well, having said that, I think it provides an excellent
sanity check for our own security requierements, and should
help us to complete what we learned from the use cases In
particular the viz use cases we have).

Cheers, Andre.



Quoting [John Shalf] (Feb 19 2006):
> Cc: mulmo at pdc.kth.se, skow at mcs.anl.gov
> From: John Shalf <jshalf at lbl.gov>
> Subject: Re: [saga-rg] Re: SAGA and Security
> Date: Sun, 19 Feb 2006 13:22:30 -0800
> To: Andre Merzky <andre at merzky.net>, SAGA RG <saga-rg at ggf.org>
> 
> 
> I don't know if this will help or hurt the discussion, but has  
> everyone had an opportunity to read the ACE-grid security document?  
> It refers to itself as addressing security for "collaborative  
> environments," but they go through a number of use cases that are  
> very relevant to SAGA.  Deb Agarwal and Markus Lorch also contributed  
> an excellent discussion of implementations and scenarios for  
> reasonable security implementations .  It may help bring us SAGA  
> members up-to-speed on some aspects of the security model  
> considerations.
> 
> 	http://www.ggf.org/documents/GFD.43.pdf
> 
> On Feb 13, 2006, at 12:58 AM, Andre Merzky wrote:
> >Hi group,
> >
> >we managed to corner the Security Area ADs at GGF in Athens,
> >and to get some statements from them in respect to:
> >
> >  "What security paradigms are generically available in
> >   Grids, and what should be exposed to the end user?"
> >
> >Well, their answer was basically, that there is no agreed
> >upon approach in the scope of GGF, so, the best we can do is
> >to look at Grid implementations, and abstract/generalize
> >their security paradigms.
> >
> >A viable approach in their opinion would be to base security
> >settings on strings, and allow the implementation to interpret
> >them accordingly.  That approach is very close to what we
> >have right now for sessions, and what we want to have for
> >streams



-- 
"So much time, so little to do..."  -- Garfield

More information about the saga-rg mailing list