[saga-rg] Re: SAGA and Security
John Shalf
JShalf at lbl.gov
Tue Feb 21 02:15:18 CST 2006
On Feb 19, 2006, at 1:35 PM, Andre Merzky wrote:
> Hi John,
> I'm afraid that the document does not help too much, for
> several reasons.
>
> For one, it is describing requirements - so it poses similar
> questions as SAGA does, but does not provide a answer
> really.
I think then that my point was not clear. SAGA lacks a clear
statement of security requirements. The ACE security document does a
good job of enumerating their requirements -- its something ACE did
correctly despite the lack of follow-through on the results. It
certainly makes conversations with members of the security community
more focused when you have a clear statement of requirements laid out
for them.
> Also, it is very AG-centric - e.g. data management is only
> mentioned in respect to files shared for an AG session, or
> for the purpose of immersed visualization etc.
I agree. In fact, I think I said so in my original message.
> And finally I am afraid that the ACE group went into
> hibernate mode - they seem not to have picked up their
> requirement document, and developed a solution on top of
> that.
>
> Well, having said that, I think it provides an excellent
> sanity check for our own security requierements, and should
> help us to complete what we learned from the use cases In
> particular the viz use cases we have).
>
> Cheers, Andre.
>
>
>
> Quoting [John Shalf] (Feb 19 2006):
>> Cc: mulmo at pdc.kth.se, skow at mcs.anl.gov
>> From: John Shalf <jshalf at lbl.gov>
>> Subject: Re: [saga-rg] Re: SAGA and Security
>> Date: Sun, 19 Feb 2006 13:22:30 -0800
>> To: Andre Merzky <andre at merzky.net>, SAGA RG <saga-rg at ggf.org>
>>
>>
>> I don't know if this will help or hurt the discussion, but has
>> everyone had an opportunity to read the ACE-grid security document?
>> It refers to itself as addressing security for "collaborative
>> environments," but they go through a number of use cases that are
>> very relevant to SAGA. Deb Agarwal and Markus Lorch also contributed
>> an excellent discussion of implementations and scenarios for
>> reasonable security implementations . It may help bring us SAGA
>> members up-to-speed on some aspects of the security model
>> considerations.
>>
>> http://www.ggf.org/documents/GFD.43.pdf
>>
>> On Feb 13, 2006, at 12:58 AM, Andre Merzky wrote:
>>> Hi group,
>>>
>>> we managed to corner the Security Area ADs at GGF in Athens,
>>> and to get some statements from them in respect to:
>>>
>>> "What security paradigms are generically available in
>>> Grids, and what should be exposed to the end user?"
>>>
>>> Well, their answer was basically, that there is no agreed
>>> upon approach in the scope of GGF, so, the best we can do is
>>> to look at Grid implementations, and abstract/generalize
>>> their security paradigms.
>>>
>>> A viable approach in their opinion would be to base security
>>> settings on strings, and allow the implementation to interpret
>>> them accordingly. That approach is very close to what we
>>> have right now for sessions, and what we want to have for
>>> streams
>
>
>
> --
> "So much time, so little to do..." -- Garfield
More information about the saga-rg
mailing list