[saga-rg] Re: SAGA and Security

Andre Merzky andre at merzky.net
Tue Feb 21 02:32:31 CST 2006 

Hi John, 

Quoting [John Shalf] (Feb 21 2006):
> 
> On Feb 19, 2006, at 1:35 PM, Andre Merzky wrote:
> >Hi John,
> >I'm afraid that the document does not help too much, for
> >several reasons.
> >
> >For one, it is describing requirements - so it poses similar
> >questions as SAGA does, but does not provide a answer
> >really.
> 
> I think then that my point was not clear.  SAGA lacks a clear  
> statement of security requirements.  The ACE security document does a  
> good job of enumerating their requirements -- its something ACE did  
> correctly despite the lack of follow-through on the results. It  
> certainly makes conversations with members of the security community  
> more focused when you have a clear statement of requirements laid out  
> for them.

I agree, in terms of requirements we can and will certainly
use the ACE doc.  You are right, they did a good job in
formulating those.


> >Also, it is very AG-centric - e.g. data management is only
> >mentioned in respect to files shared for an AG session, or
> >for the purpose of immersed visualization etc.
> 
> I agree.  In fact, I think I said so in my original message.

And right you are again :-)

Thanks, Andre.


> >And finally I am afraid that the ACE group went into
> >hibernate mode - they seem not to have picked up their
> >requirement document, and developed a solution on top of
> >that.
> >
> >Well, having said that, I think it provides an excellent
> >sanity check for our own security requierements, and should
> >help us to complete what we learned from the use cases In
> >particular the viz use cases we have).
> >
> >Cheers, Andre.
> >
> >
> >
> >Quoting [John Shalf] (Feb 19 2006):
> >>Cc: mulmo at pdc.kth.se, skow at mcs.anl.gov
> >>From: John Shalf <jshalf at lbl.gov>
> >>Subject: Re: [saga-rg] Re: SAGA and Security
> >>Date: Sun, 19 Feb 2006 13:22:30 -0800
> >>To: Andre Merzky <andre at merzky.net>, SAGA RG <saga-rg at ggf.org>
> >>
> >>
> >>I don't know if this will help or hurt the discussion, but has
> >>everyone had an opportunity to read the ACE-grid security document?
> >>It refers to itself as addressing security for "collaborative
> >>environments," but they go through a number of use cases that are
> >>very relevant to SAGA.  Deb Agarwal and Markus Lorch also contributed
> >>an excellent discussion of implementations and scenarios for
> >>reasonable security implementations .  It may help bring us SAGA
> >>members up-to-speed on some aspects of the security model
> >>considerations.
> >>
> >>	http://www.ggf.org/documents/GFD.43.pdf
> >>
> >>On Feb 13, 2006, at 12:58 AM, Andre Merzky wrote:
> >>>Hi group,
> >>>
> >>>we managed to corner the Security Area ADs at GGF in Athens,
> >>>and to get some statements from them in respect to:
> >>>
> >>> "What security paradigms are generically available in
> >>>  Grids, and what should be exposed to the end user?"
> >>>
> >>>Well, their answer was basically, that there is no agreed
> >>>upon approach in the scope of GGF, so, the best we can do is
> >>>to look at Grid implementations, and abstract/generalize
> >>>their security paradigms.
> >>>
> >>>A viable approach in their opinion would be to base security
> >>>settings on strings, and allow the implementation to interpret
> >>>them accordingly.  That approach is very close to what we
> >>>have right now for sessions, and what we want to have for
> >>>streams
> >
> >
> >
> >-- 
> >"So much time, so little to do..."  -- Garfield



-- 
"So much time, so little to do..."  -- Garfield

More information about the saga-rg mailing list