Version 9 (modified by 13 years ago) (diff) | ,
---|
Authorization
Schedule
Tuesday, 3:30pm - 5:00 pm
Session Leaders
Steve Schwab and Ted Faber, USC/ISI
Tom Mitchell, GENI Project Office
Description
GENI aggregates currently use signed XML credentials to make authorization decisions. At GEC10 we began a one year effort to evaluate ABAC assertions as a more flexible basis for GENI authorization. At this session, that one year is up. We will compare ABAC against the current credentials, and adopt a path forward for GENI. Then we will discuss implementing that decision. We will also review the status of integrating ABAC in existing control frameworks and aggregates.
Agenda
- Overview (Ted Faber/Steve Schwab)
- Lightning Talks in favor of or opposed to ABAC:
- Rob Ricci, Utah/ProtoGENI
- Andy Bavier, Princeton/PlanetLab
- Jeff Chase, Duke/ORCA
- Ted Faber, ISI/ABAC
- Tom Mitchell, BBN/GPO
- Open Discussion (All)
- Vote / Consensus / Sense of the Room
- Further steps based on outcome
Related Reading
- Overview of the GENI Authorization discussion and past meeting summaries
- Authorization Storyboard by Jeff Chase
A series of PowerPoint "twitters" about GENI authorization in general, and a possible ABAC implementation. - Authorization and Trust Structure in GENI: A Perspective on the Role of ABAC, a working paper by Jeff Chase
Attachments (6)
-
gec13-abac-sfa.pptx (45.4 KB) - added by 13 years ago.
Andy Bavier slides
-
pgeni-abac-gec13.pdf (164.6 KB) - added by 13 years ago.
Rob Ricci slides
-
gec13-auth-chase.ppt (1.3 MB) - added by 13 years ago.
Jeff Chase slides
-
RT2.pdf (137.5 KB) - added by 13 years ago.
Ted Faber slides
-
AuthDecision.pdf (917.2 KB) - added by 13 years ago.
Tom Mitchell slides
-
AuthFuture.pdf (1.8 MB) - added by 13 years ago.
Tom Mitchell slides