Changes between Version 37 and Version 38 of GEC4CFWGAgenda
- Timestamp:
- 04/06/09 15:57:13 (16 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GEC4CFWGAgenda
v37 v38 27 27 * Slides by Steve Schwab: [http://groups.geni.net/geni/attachment/wiki/GEC4CFWGAgenda/GENISecurityArchitecture-GEC4-ss1.pdf] 28 28 * Cluster B (PlanetLab) report by Larry Peterson: 29 * Planet lab follows the SFA, which uses credentials (certificates), that include privileges. 30 * A researcher can delegate privilege via a credential to another researcher. 31 * Security is expilicit; delegation is explicit; all through credentials. 29 32 * Cluster C (ProtoGENI) report by Robert Ricci: [http://groups.geni.net/geni/attachment/wiki/GEC4CFWGAgenda/pgeni-security-gec4.pdf] 30 33 * Cluster D (ORCA) report by Jeff Chase: 34 * ORCA uses actors, which have public key pairs; signed messages are passed between actors 35 * An actor runs on behalf of a particular identity. 36 * An actor can use shibboleth to identify an individual. 37 * Expect attribute based access control, e.g, in ORCA, can delegate privilege, and policy module signs ticket for particular user and a particular resource. 38 * ORCA currently using wss4j module to sign with keys, but has to pass certificates; perhaps move to SAML approach 31 39 * Cluster E (ORBIT) report by Max Ott: [http://groups.geni.net/geni/attachment/wiki/GEC4CFWGAgenda/GEC4%20Orbit%20Security.pdf] 32 40 * Cluster A (TIED) report by Ted Faber: [http://groups.geni.net/geni/attachment/wiki/GEC4CFWGAgenda/Security_v2.pdf]