Version 16 (modified by 14 years ago) (diff) | ,
---|
Project Number
1785
Project Title
Distributed Identity and Authorization Mechanisms
a.k.a. ABAC
Technical Contacts
Principal Investigator Stephen Schwab Stephen Schwab
Participating Organizations
SPARTA, Inc.
1911 North Fort Meyer Drive
Suite 1100
Arlington, VA 22209
GPO Liaison System Engineer
Vic Thomas vthomas@geni.net
Scope
This effort will develop and prototype Attributed-Based Access Control (ABAC) extensions that allow the distinct security mechanisms of the various control frameworks to share security information within a single control framework, as well as with each other, starting with ProtoGENI and proceeding to ORBIT and ORCA according to their integration readiness. (Support for DETER’s use of ABAC is already well-established.) The work will support trust management functions, including identity definitions and authentication mechanisms, and distributed authorization and access control mechanisms. Existing ABAC prototype software from SPARTA and other available open-source software will be leveraged to provide critical GENI functions. SPARTA will continue to collaborate with other GENI projects on analyzing and documenting security requirements for each spiral as part of this effort.
Current Capabilities
BRIEF descriptions of resources/functions/tools that are available to anyone in the GENI community
Milestones
MilestoneDate(ABAC: S2.a)? ABAC Requirements for ProtoGENI Click here for requirements document
MilestoneDate(ABAC: S2.b)? DIAC prototype software design and interfaces v. 1.0
MilestoneDate(ABAC: S2.c)? V1.0 software for supporting ABAC mechanisms within ProtoGENI. Click here for software
MilestoneDate(ABAC: S2.d)? V2.0 software for supporting ABAC mechanisms within ProtoGENI
MilestoneDate(ABAC: S2.e)? DIAC prototype software design and interfaces v. 1.1
MilestoneDate(ABAC: S3.a Demonstration and Outreach at GEC9)?
MilestoneDate(ABAC: S3.b Plans for integration of ABAC into a control framework)? Click here for plan and here for presentation on plan.
MilestoneDate(ABAC: S3.c Demonstration and Outreach at GEC10)?
MilestoneDate(ABAC: S3.d Demonstration and Outreach at GEC11)?
MilestoneDate(ABAC: S3.e Software and documentation)?
Project Technical Documents
ABAC requirements for ProtoGENI
Quarterly Status Reports
4Q 2009 Report
1Q 2010 Report
2Q 2010 Report
GEC9 2010 Report
GEC10 2011 Report
Spiral 2 Connectivity
Links to wiki pages about details of infrastrcture that the project is using (if any). Examples include IP addresses, hostnames, URLs, DNS servers, local site network maps, VLANIDs (if permanent VLANs are used), pointers to public keys. GPO may do first drafts of any of these and have the PI correct them to bootstrap. May also include ticket links for pending or known connectivity issues. Many projects will have a full tree of wiki pages here.
Related Projects
Includes non-GENI projects.
Attachments (5)
- geni-rbac-req-0.5a.pdf (164.1 KB) - added by 15 years ago.
-
geni-diac-api-0.92.pdf (143.3 KB) - added by 15 years ago.
Milestone 2: Software design and interfaces
-
abac-install-1.0.pdf (352.8 KB) - added by 14 years ago.
Installation manual for v1.0
-
abac-1.0.tar.gz (14.6 MB) - added by 14 years ago.
ABAC with Reference-CM-2.0.2a
-
DIAM-ABAC-review.ppt (540.5 KB) - added by 14 years ago.
Spiral 2 review presentation.