© 2007 Open Grid Forum. Authentication Service Profile. Christos Kanellopoulos, 14th EUGridPMA, Lisbon, PT, October 7th, 2008.

Presentation transcript:


Authentication Service Profiles

Purpose of the document:
- Requirements for defining an Authentication Service Profile that can be used by IdPs to provide compliant Authentication Services.

Characteristics of an Authentication Service Profile:
- An Authentication Service Profile provides a way for Grid Relying Parties (RPs) to identify and compare Authentication Services provided by Identity Providers.
- An IdP can provide Authentication Services based upon one or more Authentication Service Profiles.

Requirements for Authentication Service Profiles

1. Authentication Service Management
   - Describe who is responsible for the service and change control.
   - Specify the community that will be served by the Authentication Service.
   - Specify the scope of the service.

2. General Architecture
   - Describe the system architecture used to build the authentication service used by the Identity Provider.
   - How do the customer and management interface to the system?

3. Identities
   - The Authentication Service must describe how identity is managed and communicated in the community.
   - Each Authentication Service must define identity vetting rules: what each user does to prove the identity of the user, host or service identified as part of an organization.
   - Identity revocation: how a person or system is removed from the service.
   - Is there a special Acceptable Use Policy that applies?

4. Operational Requirements
   - QoS for the authentication service: whether there is 24/7 support or not, trouble ticket reporting, information request and general customer support.
   - Required contact information, problem reporting/resolution procedures.

5. Facility Security
   - For each authentication service used by the identity service provider, describe the software, network, server and physical security at the site of the authentication service.
   - Also describe procedural controls and personnel security controls.
   - Life cycle for security controls: how do you update/change security controls and keep the community informed?

6. Publication and Security Responsibilities
   - What information must be published and maintained by the Authentication Service?
   - How long must information be maintained?
   - Access rights to read or use the information.

7. Liability
   - What liability or warranties are supported by the service?

8. Financial Responsibilities
   - How do you pay for the service?
   - Any financial responsibilities to your members?

9. Audits
   - Do you audit each authentication service for compliance with your policies?
   - Do you conduct self audits or member audits, or are you open to external audits?

10. Privacy, Confidentiality
   - What are your privacy rules, IP policies, etc.?

11. Compromise and Disaster Recovery
   - How do you handle exposed shared secrets or other compromised secrets?
   - What facilities are in place to rebuild the service in the case of a disaster?
   - How long would the service be out of commission if the service is compromised or damaged?