[saga-rg] Re: SAGA and Security

John Shalf JShalf at lbl.gov
Tue Feb 21 02:15:18 CST 2006 

On Feb 19, 2006, at 1:35 PM, Andre Merzky wrote:
> Hi John,
> I'm afraid that the document does not help too much, for
> several reasons.
>
> For one, it is describing requirements - so it poses similar
> questions as SAGA does, but does not provide a answer
> really.

I think then that my point was not clear.  SAGA lacks a clear  
statement of security requirements.  The ACE security document does a  
good job of enumerating their requirements -- its something ACE did  
correctly despite the lack of follow-through on the results. It  
certainly makes conversations with members of the security community  
more focused when you have a clear statement of requirements laid out  
for them.

> Also, it is very AG-centric - e.g. data management is only
> mentioned in respect to files shared for an AG session, or
> for the purpose of immersed visualization etc.

I agree.  In fact, I think I said so in my original message.

> And finally I am afraid that the ACE group went into
> hibernate mode - they seem not to have picked up their
> requirement document, and developed a solution on top of
> that.
>
> Well, having said that, I think it provides an excellent
> sanity check for our own security requierements, and should
> help us to complete what we learned from the use cases In
> particular the viz use cases we have).
>
> Cheers, Andre.
>
>
>
> Quoting [John Shalf] (Feb 19 2006):
>> Cc: mulmo at pdc.kth.se, skow at mcs.anl.gov
>> From: John Shalf <jshalf at lbl.gov>
>> Subject: Re: [saga-rg] Re: SAGA and Security
>> Date: Sun, 19 Feb 2006 13:22:30 -0800
>> To: Andre Merzky <andre at merzky.net>, SAGA RG <saga-rg at ggf.org>
>>
>>
>> I don't know if this will help or hurt the discussion, but has
>> everyone had an opportunity to read the ACE-grid security document?
>> It refers to itself as addressing security for "collaborative
>> environments," but they go through a number of use cases that are
>> very relevant to SAGA.  Deb Agarwal and Markus Lorch also contributed
>> an excellent discussion of implementations and scenarios for
>> reasonable security implementations .  It may help bring us SAGA
>> members up-to-speed on some aspects of the security model
>> considerations.
>>
>> 	http://www.ggf.org/documents/GFD.43.pdf
>>
>> On Feb 13, 2006, at 12:58 AM, Andre Merzky wrote:
>>> Hi group,
>>>
>>> we managed to corner the Security Area ADs at GGF in Athens,
>>> and to get some statements from them in respect to:
>>>
>>>  "What security paradigms are generically available in
>>>   Grids, and what should be exposed to the end user?"
>>>
>>> Well, their answer was basically, that there is no agreed
>>> upon approach in the scope of GGF, so, the best we can do is
>>> to look at Grid implementations, and abstract/generalize
>>> their security paradigms.
>>>
>>> A viable approach in their opinion would be to base security
>>> settings on strings, and allow the implementation to interpret
>>> them accordingly.  That approach is very close to what we
>>> have right now for sessions, and what we want to have for
>>> streams
>
>
>
> -- 
> "So much time, so little to do..."  -- Garfield

More information about the saga-rg mailing list