wiki:GEC12Authorization

Version 3 (modified by faber@isi.edu, 12 years ago) (diff)

--

Authorization

Wed, 1500-1630

Organizers: Steve Schwab and Ted Faber, USC/ISI

GENI aggregates currently use signed XML credentials to make authorization decisions. At GEC10 we began a one year effort to evaluate ABAC assertions as a more flexible basis for GENI authorization. This meeting will seek agreement on a vocabulary for ABAC assertions and policies, and then surface outstanding issues and concerns or other work that must be addressed before the community can decide whether to adopt ABAC. We will also review the status of integrating ABAC in existing control frameworks and aggregates.

Agenda

  • Steve Schwab - Intro and overview (5 minutes)
  • Ted Faber on a draft authorization vocabulary and sample policies (20 mins with ~10 of discussion)
  • Jeff Chase (remotely) on Accountability and Authorization (20 mins with ~10 of discussion)
  • David Cheperdak his efforts to integrate ABAC into PlanetLab (10 mins with ~5 for questions)
  • Ben Warren on IF-MAP: a security driven pub-sub standard protocol, and its use cases within GENI (10 minutes with ~5 for questions)

Attachments (8)