| | 1 | [[PageOutline]] |
| | 2 | |
| | 3 | == Project Number == |
| | 4 | |
| | 5 | 1785 |
| | 6 | |
| | 7 | == Project Title == |
| | 8 | |
| | 9 | Distributed Identity and Authorization Mechanisms [[BR]] |
| | 10 | a.k.a. ABAC |
| | 11 | |
| | 12 | === Technical Contacts === |
| | 13 | |
| | 14 | Principal Investigator Stephen Schwab stephen.schwab@sparta.com |
| | 15 | |
| | 16 | === Participating Organizations === |
| | 17 | |
| | 18 | SPARTA, Inc. [[BR]] |
| | 19 | 1911 North Fort Meyer Drive [[BR]] |
| | 20 | Suite 1100 [[BR]] |
| | 21 | Arlington, VA 22209 |
| | 22 | |
| | 23 | === GPO Liason System Engineer === |
| | 24 | |
| | 25 | Vic Thomas vthomas@geni.net |
| | 26 | |
| | 27 | == Scope == |
| | 28 | |
| | 29 | This effort will develop and prototype Attributed-Based Access Control (ABAC) extensions that allow the distinct security mechanisms of the various control frameworks to share security information within a single control framework, as well as with each other, starting with ProtoGENI and proceeding to ORBIT and ORCA according to their integration readiness. (Support for DETER’s use of ABAC is already well-established.) The work will support trust management functions, including identity definitions and authentication mechanisms, and distributed authorization and access control mechanisms. Existing ABAC prototype software from SPARTA and other available open-source software will be leveraged to provide critical GENI functions. SPARTA will continue to collaborate with other GENI projects on analyzing and documenting security requirements for each spiral as part of this effort. |
| | 30 | |
| | 31 | === Current Capabilities === |
| | 32 | |
| | 33 | BRIEF descriptions of resources/functions/tools that are available to anyone in the GENI community |
| | 34 | |
| | 35 | === Milestones === |
| | 36 | |
| | 37 | [[MilestoneDate(ABAC: S2.a)]] ABAC Requirements for ProtoGENI [[BR]] |
| | 38 | [[MilestoneDate(ABAC: S2.b)]] DIAC prototype software design and interfaces v. 1.0 [[BR]] |
| | 39 | [[MilestoneDate(ABAC: S2.c)]] V1.0 software for supporting ABAC mechanisms within ProtoGENI [[BR]] |
| | 40 | [[MilestoneDate(ABAC: S2.d)]] V2.0 software for supporting ABAC mechanisms within ProtoGENI [[BR]] |
| | 41 | [[MilestoneDate(ABAC: S2.e)]] DIAC prototype software design and interfaces v. 1.1 [[BR]] |
| | 42 | |
| | 43 | |
| | 44 | == Project Technical Documents == |
| | 45 | |
| | 46 | Links to wiki pages for the project's technical documents go here. List should include any document in the working groups, as well as other useful documents. Projects may have a full tree of wiki pages here. |
| | 47 | |
| | 48 | === Quarterly Status Reports === |
| | 49 | |
| | 50 | QuarterlyStatusReportTemplate |
| | 51 | |
| | 52 | === Spiral 2 Connectivity === |
| | 53 | |
| | 54 | Links to wiki pages about details of infrastrcture that the project is using (if any). Examples include IP addresses, hostnames, URLs, DNS servers, local site network maps, VLANIDs (if permanent VLANs are used), pointers to public keys. GPO may do first drafts of any of these and have the PI correct them to bootstrap. May also include ticket links for pending or known connectivity issues. Many projects will have a full tree of wiki pages here. |
| | 55 | |
| | 56 | |
| | 57 | === Related Projects === |
| | 58 | |
| | 59 | Includes non-GENI projects. |
