[wg-all] FEDERATED IDENTITY AND DELEGATION WORKSHOP FOR OGF37

[OGF Events]

Federated Identity and Delegation Workshop- Monday March 11, 2013


Delegating attributes and identities as a means of establishing who,
or on whose behalf, an operation is to be executed, is a concept as
old as the access matrix. The basic problem is of asserting in a
cryptographically secure way that A->B (A says that B is authorized to
act as A) and subsequently have B->C and C->D such that A->B->C->D,
i.e. D is authorized to act as A. The challenge in
multi-organizational distributed systems such as clouds and grids is
particularly difficult due to the different mechanisms and policies of
the various players.  Existing mechanisms include, but are not limited
to, X.509 delegated credentials, VOMs certificates, and signed SAML
assertions.

The goal of the workshop is to bring together stakeholders in the
scientific computing infrastructure community in the Americas, Europe,
and Asia to present requirements for a good solution to the delegation
problem, alternative visions of how this problem can be solved, and
begin the process of defining a limited number of interoperable common
mechanisms.

Following the workshop the OGF Identity Delegation working group
(IDEL) will meet to continue the work of identifying and defining
proposed standards and best practices for grid identity delegation.