© 2006 Open Grid Forum Security Activities at OGF24 Security Area Meeting.

Slides:

Advertisements

Similar presentations

© 2006 Open Grid Forum OGF20 LoA-RG Monday 11:00am Charter Suite 4 Chairs: Ning Zhang and Yoshio Tanaka.

Advertisements

Oct, 26 th, 2010 OGF 29, FVGA-WG: Firewall Virtualization for Grid Applications Firewall Virtualization for Grid Applications - Status update

© 2006 Open Grid Forum Security Area OGF19 Standard All Hands.

Oct 15 th, 2009 OGF 27, Infrastructure Area: Status of FVGA-WG Status of Firewall Virtualization for Grid Applications - Working Group

P2P Area Meeting Andrew Chien and Cees DeLaat Global Grid Forum 8 June 27, 2003.

GT 4 Security Goals & Plans Sam Meder

Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March 11, 2015.

Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.

1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.

VOMS & SAML Valerio Venturi MWSG /6/07. EU project: RIO31844-OMII-EUROPE OMII-Europe OMII-Europe is an EU-funded project which has been established.

1 On Death, Taxes, & the Convergence of Peer-to-Peer & Grid Computing Adriana Iamnitchi Duke University “Our Constitution is in actual operation; everything.

Authz work in GGF David Chadwick

National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka

Update on Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.

1 Directory related work in the Global Grid Forum 3rd TF-LSD Meeting in Antalya Peter Gietz

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz

European Interoperability Architecture e-SENS Workshop : Document Interoperability Solutions use case 7-8 January 2015.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

TeraGrid Science Gateways: Scaling TeraGrid Access Aaron Shelmire¹, Jim Basney², Jim Marsteller¹, Von Welch²,

Update on Interoperability Roadmap Comments Sections G, F and E Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.

OGSA SEC WG [OGSA= Open Grid Services Architecture] Co-chairs: Nataraj Nagaratnam, IBM, USA Marty Humphrey University of Virginia, USA GGF9.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.

© 2006 Open Grid Forum DCI Federation Protocol BoF Alexander Papaspyrou, TU Dortmund University Open Grid Forum March 15-18, 2010, Munich, Germany.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.

Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area.

Geneva, Switzerland, April 2012 Introduction to session 7 - “Advancing e-health standards: Roles and responsibilities of stakeholders” Marco Carugi.

Security Requirements for Software Defined Networks Internet Area WG IETF 85: Atlanta November 4, 2012 Margaret Wasserman

Tutorial: Building Science Gateways TeraGrid 08 Tom Scavo, Jim Basney, Terry Fleury, Von Welch National Center for Supercomputing.

OGSA Security Roadmap Discussion GGF5 – 7/24/02. Outline l Introduction l Architecture Goal l Roadmap Goal l Proposed Specs l Challenges l Next Steps.

Supporting education and research Security and Authentication for the Grid Alan Robiette, JISC Development Group.

GGF9 GFS WG BOF10/07/2003, Chicago Grid File System Group Proposal BOF Osamu Tatebe (AIST) Jane Xu (IBM) Arun Jagatheesan (SDSC)

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

Manish Mehta, CS 590L Authentication Services in Open Grid Services by Manish Mehta April 27, 2004.

Oleg LODYGENSKY Etienne URBAH LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay,

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

Andrew McNabSecurity Middleware, GridPP8, 23 Sept 2003Slide 1 Security Middleware Andrew McNab High Energy Physics University of Manchester.

Authorization GGF-6 Grid Authorization Concepts Proposed work item of Authorization WG Chicago, IL - Oct 15 th 2002 Leon Gommans Advanced Internet.

Distributed Accounting Working Group (DAWG) Distributed Accounting Models Research Group Monday, 22 July 2002 Tuesday, 23 July 2002 Edinburgh, Scotland.

Globus and PlanetLab Resource Management Solutions Compared M. Ripeanu, M. Bowman, J. Chase, I. Foster, M. Milenkovic Presented by Dionysis Logothetis.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: Security Problems related to Transition Date Submitted: January.

Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL

E-Science Security Roadmap Grid Security Task Force From original presentation by Howard Chivers, University of York Brief content:  Seek feedback on.

EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.

VOMS Attribute Authorities Michael Helm ESnet/LBNL 23 Feb 2007.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

GGF - © Birds of a Feather - Policy Architecture Working Group.

Data access and sharing policies Ecosystem Approach Community of Practice (EA-CoP) Data access and sharing policies Towards the finalization of the document.

© 2008 Open Grid Forum PGI - Information Security in the UNICORE Grid Middleware Morris Riedel (FZJ – Jülich Supercomputing Centre & DEISA) PGI Co-Chair.

IBM Tivoli Provisioning Manager IPv6 Enablement

Update to the Community GGF16 - Athens

OGSA Profile Definition - Status

TCSEC: The Orange Book.

Firewall Issues Research Group GGF-15 Oct Boston, Ma Leon Gommans - University of Amsterdam Inder Monga - Nortel Networks.

OGSA-WG Basic Profile Session #1 Security

Shibboleth Roadmap

Levels of Assurance OGF Activity

Sessions 1 & 3: Published Document Session Summary

University of Virginia, USA GGF9, Chicago, Illinois, US

WS Naming OGF 19 - Friday Center, NC.

IS4550 Security Policies and Implementation

Status and Future Steps

Policy in harmony: our best practice

AARC2 JRA1 Update Nicolas Liampotis

Security Area OGF22 Programme.

Presentation transcript:

© 2006 Open Grid Forum Security Activities at OGF24 Security Area Meeting

© 2006 Open Grid Forum Overview Agenda of activities this week Group overview New initiatives Where to go from here? 2

© 2006 Open Grid Forum 3 Security Area Groups OGSA-AuthZ-WGWed11.00 CAOPS-WG (which absorbed the LoA-RG)Tue FI-RG (hibernating) New initiatives Restrictions on Delegation (jointly with GIN)Wed16.00 Intrusion Detection BoF (relocated Rm2)Wed09.00 Spawned Activities FVGA WG on firewall virtualisation interfaceWed14.15

© 2006 Open Grid Forum 4 OGSA-AuthZ interoperability and plug-ability of authorization components Last four (4) documents submitted to PC over summer Three of these still pending (Oct 2/5 deadline)... David Chadwick has the full introduction to the OGSA-AuthZ WG

© 2006 Open Grid Forum 5 CAOPS-WG Recommendations for CAs (and identity providers) and documents on ‘best practices’ Charter Review Authentication Service Profiles: authN policy criteria classification Audit Guidelines Subject entity name uniqueness policy requirements and guidelines for software implementors LoA Gap Analysis Towards a CP/CPS Template International Grid Trust Federation workshop as well

© 2006 Open Grid Forum 6 Firewall Issues RG ‘control data transport policy enforcement devices’ Last document of the RG in PC ‘ Requirements on operating Grids in Firewalled Environments’ Based on their work the new FVGA WG has started! Wednesday, Group will now ‘hibernate’ – since not all firewall issues are solved yet

© 2006 Open Grid Forum Restricting Delegation Joint effort initiated by GIN/Unicore (MorrisR) UNICORE identified use cases for both delegation and restricting these in sensitive (industrial) environments Syntactic issues are ‘easy’ to solve and standardize (but needed both in the WS-* space and in RFC3820 proxies) Semantics what do we restrict? What combinations make ‘sense’ for a service)? This needs a bit of study BoF this week to gauge interest in both topics 7

© 2006 Open Grid Forum 8 Were are we going? Security related work is going on in various OGF groups addressing security aspects of specific protocols or binds e.g. OGSA Security BP 2.0, etc. means security is becoming integral to services and the security area is ‘shrinking’... is our work now ‘complete’? still lack of ‘cross-fertilization’ between specs and implementation issues regarded as ‘done’ in one infrastructure are seen as ‘obstacle’ in others and there are only few specs (with a couple now in PC) Are we not ‘good’ in documenting what we do, or do we not work on the things that are of most interest to the community? and if so, can we see where the gaps are? but most vendors/products seem not interested in ‘internals’ of a security service, but focus on how to integrate security/access control in their service native mechanisms ‘Invite’ work on topics relevant for the community by new people? or does our current crowd have the space cycles left to work on new issues