DataGrid WP6/CA CA Acceptance/Feature Matrices Trinity College Dublin (TCD) Brian Coghlan Paris MAR-2002.

Slides:

Advertisements

Similar presentations

Grid Tech Team Certificates, Monitoring, & Firewall September 15, 2003 Chiang Mai, Thailand Allan Doyle, NASA With the help of the entire Grid Tech Team.

Advertisements

WP2: Data Management Gavin McCance University of Glasgow November 5, 2001.

22-Apr-02D.P.Kelsey, Security, UKHEP Sysman1 Grid Security 22 Apr 2002 UK HEP Sysman Meeting David Kelsey CLRC/RAL, UK

Author - Title- Date - n° 1 GDMP The European DataGrid Project Team

魂▪創▪通魂▪創▪通 WebCert - SOP Sangrae Cho Authentication Research Team.

Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester

/ David GroepSummary of Security Workshop - DataGRID WP4 workshop1 DataGrid Security WS Summary Targets: Identify requirements from WP's Define.

CrossGrid Task 3.3 Grid Monitoring Trinity College Dublin (TCD) Brian Coghlan Paris MAR-2002.

Security Mechanisms The European DataGrid Project Team

Asset: Academic Survey System & Evaluation Tool Bert G. Wachsmuth Seton Hall University.

Sept 27 th – 29 th, 2002Linz 2002, Task Task 3.3 Grid Monitoring Subtask SANTA-G Brian Coghlan, Stuart Kenny Trinity College Dublin.

Asynchronous Web Services Approach Enrique de Andrés Saiz.

TNC Common Project EVO / UPMC TNC 2010 Goals Integrate a distance learning system called EVO-Learning into universities environment. Provide a.

RAMM Integration Campbell Newman. Exporting data manually Using the grids RAMM Manager RAMM GIS RAMM SQL.

GRID Centralized management of the Globus grid-mapfile Carlo Rocca INFN, Catania.

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

CREN Certificate Authority Project: Update from Georgia Tech Ron Hutchins 28 March 2000.

BY OLIVIA WILSON AND BRITTANY MCDONALD Up Your Shields with Shields Up!

Ákos FROHNER – DataGrid Security Requirements n° 1 Security Group D7.5 Document and Open Issues

Sympa Mailing List Server

EGEE is a project funded by the European Union under contract IST Testing processes Leanne Guy Testing activity manager JRA1 All hands meeting,

MySQL and GRID Gabriele Carcassi STAR Collaboration 6 May Proposal.

Blueprint Meeting Notes Feb 20, Feb 17, 2009 Authentication Infrastrusture Federation = {Institutes} U {CA} where both entities can be empty TODO1:

IHEP Grid CA Status Report Wei F2F Meeting 8 Mar Computing Centre, IHEP,CAS,China.

DataGrid WP6/CA CA Trust Matrices Trinity College Dublin (TCD) Brian Coghlan CERN DEC-2002.

3-Nov-00D.P.Kelsey, HEPiX, JLAB1 Certificates for DataGRID David Kelsey CLRC/RAL, UK

Technical Presentation

3-Jul-02D.P.Kelsey, Security1 Security meetings Report to EDG PTB 3 Jul 2002 David Kelsey CLRC/RAL, UK

Server Performance, Scaling, Reliability and Configuration Norman White.

CSUS Senior Project. Introduction Ryan - Our sponsor, their problem Aaron - Specifications and features Matt- Technical skills - Learning plan Jaspreet.

How To Configure Thunderbird For Your Webspace Account.

Core 3: Communication Systems. Network software includes the Network Operating Software (NOS) and also network based applications such as those running.

Summary of AAAA Information David Kelsey Infrastructure Policy Group, Singapore, 15 Sep 2008.

VO management: Progress since Chicago Workshop Vincenzo Ciaschini 23/5/2002 CNAF – Bologna.

Cyber Security Review, April 23-24, 2002, 0 Operated by the Southeastern Universities Research Association for the U.S. Depart. Of Energy Thomas Jefferson.

Automated Certificate Management ACME + Let’s Encrypt Richard

2-Sep-02D.P.Kelsey, WP6 CA, Budapest1 WP6 CA report Budapest 2 Sep 2002 David Kelsey CLRC/RAL, UK

DTI Mission – 29 June LCG Security Ian Neilson LCG Security Officer Grid Deployment Group CERN.

GRID Centralized Management of the Globus grid-mapfile Carlo Rocca, INFN Catania.

11-Dec-00D.P.Kelsey, Certificates, WP6 meeting, Milan1 Certificates for DataGrid Testbed0 David Kelsey CLRC/RAL, UK

Data Management The European DataGrid Project Team

INFSO-RI Enabling Grids for E-sciencE Policy management and fair share in gLite Andrea Guarise HPDC 2006 Paris June 19th, 2006.

Power Guru: Implementing Smart Power Management on the Android Platform Written by Raef Mchaymech.

Ákos FROHNER – DataGrid Security n° 1 Security Group TODO

Status of Globus activities Massimo Sgaravatto INFN Padova for the INFN Globus group

DGC Paris Spitfire A Relational DB Service for the Grid Leanne Guy Peter Z. Kunszt Gavin McCance William Bell European DataGrid Data Management.

8-Mar-01D.P.Kelsey, Certificates, WP6, Amsterdam1 WP6: Certificates for DataGrid Testbeds David Kelsey CLRC/RAL, UK

1 SURAGrid User/Host Certificate Authority SURAgrid Meeting MARCH 26, 2010 Jim Jokl University of Virginia.

The GRIDS Center, part of the NSF Middleware Initiative Grid Security Overview presented by Von Welch National Center for Supercomputing.

Stephen Burke – Sysman meeting - 22/4/2002 Partner Logo The Testbed – A User View Stephen Burke, PPARC/RAL.

10-May-01D.P.Kelsey, WP6 Security1 Certificates/Authorisation for DataGrid Testbeds David Kelsey CLRC/RAL, UK

The GridPP DIRAC project DIRAC for non-LHC communities.

EGEE is a project funded by the European Union under contract IST New VO Integration Fabio Hernandez ROC Managers Workshop,

11-May-01D.P.Kelsey, Security Update1 GRID Security Update David Kelsey CLRC/RAL, UK

StratusLab is co-funded by the European Community’s Seventh Framework Programme (Capacities) Grant Agreement INFSO-RI Demonstration StratusLab First.

G. Russo, D. Del Prete, S. Pardi Kick Off Meeting - Isola d'Elba, 2011 May 29th–June 01th A proposal for distributed computing monitoring for SuperB G.

Overview of the New Security Model Akos Frohner (CERN) WP8 Meeting VI DataGRID Conference Barcelone, May 2003.

Certificate Security For Users Obtaining and Using Your Personal Certificate using the OSG PKI Kyle Gross – OSG Operations Support Lead Elizabeth Prout.

David Kelsey CLRC/RAL, UK

OGF PGI – EDGI Security Use Case and Requirements

DataGrid WP6/CA CA Trust Matrices

Update on EDG Security (VOMS)

CERN Certificates platform Emmanuel Ormancey / Anatoly Gladkov

asset: Academic Survey System & Evaluation Tool

A Global Trojan Solution

The GENIUS Security Services

Bill Yau HKU Grid Certificate Authority (HKU Grid CA) Self Audit & Status Report Bill Yau

System Center Third Party Tools Ivanti Patch and RCT Recast April 2019.

Presentation transcript:

DataGrid WP6/CA CA Acceptance/Feature Matrices Trinity College Dublin (TCD) Brian Coghlan Paris MAR-2002

DataGrid WP6/CA Proposed Syntax Changes For Web Server and LDAP Server cert: For Web Server and LDAP Server cert:publication_frequency  publication_latency[days]  publication_latency[days] For Web Server and LDAP Server CRL : For Web Server and LDAP Server CRL :publication_frequency  publication_frequency[days]  publication_frequency[days] publication_latency[days] publication_validity[days]

Paris MAR-2002 DataGrid WP6/CA Proposed Syntax Changes For cert_issuance : For cert_issuance : identity_check = personal_contact | | phone   where :operators = AND, OR precedence = (), AND, OR elements =personal_contact | | phone | contact_with_superior | public_directory_check | public_directory_check

Paris MAR-2002 DataGrid WP6/CA Scaling Let us consider: Scaling of Acceptance/Feature Matrix functionality Scaling of Acceptance/Feature Matrix functionality Let us NOT consider: Scaling of whole grid authentication scheme Scaling of whole grid authentication scheme

Paris MAR-2002 DataGrid WP6/CA Functionality The Acceptance Matrix will scale if : inspection is done by machines not people inspection is done by machines not people e.g. by evaluating CA feature matrix according to rule set not done yet scope is deliberately limited, e.g. to VOs scope is deliberately limited, e.g. to VOs not done yet The presentation software will scale if : it can be run from memory it can be run from memory not done yet, but is designed as just one source file it automatically adapts to addition/removal of CAs it automatically adapts to addition/removal of CAs already done

Paris MAR-2002 DataGrid WP6/CA Functionality The matrix admin will scale if : The matrix admin will scale if : each CA manages their own matrix info on site, each CA manages their own matrix info on site, with remote access by the software not done yet maybe should not be until methodology stabilizes a CA automatically gets out of the blacklist when a CA automatically gets out of the blacklist when they fix the problem as soon as next remote access to their matrix info not done yet

Paris MAR-2002 DataGrid WP6/CA Future Functionality Utilization by programs might be accommodated by : Utilization by programs might be accommodated by : use of RGMA/MDS/LDAP, both for remote matrix info use of RGMA/MDS/LDAP, both for remote matrix info access and for presenting matrix results Exceptional incidents might be accommodated by : Exceptional incidents might be accommodated by : continuing to support the current manual inspection, continuing to support the current manual inspection, both for CAs and for VOs Fault-tolerance might be accommodated by: Fault-tolerance might be accommodated by: using RGMA/MDS/LDAP replication [when available] using RGMA/MDS/LDAP replication [when available] Notification of changes to a CA might be accommodated by: Notification of changes to a CA might be accommodated by: [initially] [initially] notification by information system [when available] notification by information system [when available]

Paris MAR-2002 DataGrid WP6/CA THE END Acceptance/Feature Matrices