Changes between Version 10 and Version 11 of GeniAuthorization
- Timestamp:
- 10/31/12 13:44:31 (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GeniAuthorization
v10 v11 4 4 GENI requires an authorization solution that will allow architectural components (Clearinghouse, Aggregates) to determine the privileges of an experimenter. Experimenters can be granted privileges based on institutional affiliation, project role or membership attributes, for instance. Aggregates are expected to have local policies regarding resource access and use. 5 5 6 For current authorization credentials used in the GENI AM API, see GeniApiCredentials. Longer term, [http://abac.deterlab.net/ ABAC credentials] are expected to be the mechanism used for authorization. See also discussions in the [wiki:GeniArchitectTeam GENI Software Architecture]. 7 8 '''This page needs improvements, to provide a better summary.''' 9 6 10 = GEC 13 Engineering Meeting = 7 11 == Summary == 8 12 GEC 13 marked the completion of the ABAC evaluation period in the software track of the GECs over the last year. There were a number 9 13 of invited talks by individuals or projects that have spent time evaluating ABAC and prototyping ABAC integration. After the invited talks 10 there was open discussion and a sense of the room was taken. ABAC was adopted as the long-term authorization framework for GENI.14 there was open discussion and a sense of the room was taken. '''ABAC was adopted as the long-term authorization framework for GENI.''' 11 15 12 16 == Introduction ==