[SECURITY-AREA] Levels of Assurance RG BoF
David Groep
davidg at nikhef.nl
Tue Feb 20 09:51:21 CST 2007
Dear all,
A well-attended "Levels of Assurance" BoF session was held during OGF 19
last month. We are now starting the raod towards the formation of a OGF
Research Group (proposed) to address this topic. The focus is around
topics such as:
1) "Overview of current LoA criteria and the relation to the risk
analysis by relying parties in an e-Science context".
What is it that relying parties really need to know about an identity
assertion, what qualities do they require, and which attributes do they
'need to know' about an assertion provider in order to decide on trust
in the assertion?
2) "gap analysis of reference definitions by current LoA standards
and the requirements of grid and e-Science use cases for
identity assertions".
Current LoA definitions are intended for direct validation by a service
provider and are mostly based on planned government and defence uses and
on client-server electronic transactions. This work will identify the
gaps between these definitions and the potential use of LoA in the grid
context. Specific use cases will be gathered as part of this work.
You are kindly invited to join, contribute and subscribe to the RG BoFs
mailing list via
http://www.ogf.org/mailman/listinfo/loa-bof
Best regards,
David Groep.
--
David Groep
** National Institute for Nuclear and High Energy Physics, PDP/Grid group **
** Room: H1.56 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **
--
David Groep
** National Institute for Nuclear and High Energy Physics, PDP/Grid group **
** Room: H1.56 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **
More information about the security-area
mailing list