OGSA Security Roadmap Discussion GGF5 – 7/24/02. Outline l Introduction l Architecture Goal l Roadmap Goal l Proposed Specs l Challenges l Next Steps.

Slides:



Advertisements
Similar presentations
Lousy Introduction into SWITCHaai
Advertisements

PASSPrivacy, Security and Access Services Don Jorgenson Introduction to Security and Privacy Educational Session HL7 WG Meeting- Sept
© 2006 Open Grid Forum Security Area OGF19 Standard All Hands.
OGSA-WG charter discussion Dec. 3, 2003 F2F meeting at ANL.
Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.
GT 4 Security Goals & Plans Sam Meder
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Security Standards (…and Competing Standards … and Implementations … and Interoperability) Marty Humphrey Assistant Professor Computer Science Department.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
Authz work in GGF David Chadwick
INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
NSF Middleware Initiative: GridShib Tom Barton University of Chicago.
Query Health Business Working Group Kick-Off September 8, 2011.
Information Sharing Puzzle: Next Steps Chris Rogers California Department of Justice April 28, 2005.
InCommon Michigan State Common Solutions Group, January 2011 Matt Kolb
OGSA SEC WG [OGSA= Open Grid Services Architecture] Co-chairs: Nataraj Nagaratnam, IBM, USA Marty Humphrey University of Virginia, USA GGF9.
Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.
Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security.
Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.
OpenPASS Open Privacy, Access and Security Services “Quis custodiet ipsos custodes?”
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
OASIS XACML TC and Rights Language TC Hal Lockhart
© 2006 Open Grid Forum Security Activities at OGF24 Security Area Meeting.
17 March 2008 © 2008 The University of Edinburgh, European Microsoft Innovation Center and University of Southampton IT Innovation Centre 1 NextGRID Security.
Andrew McNab - GGF Authz - 16 Dec 2003 GGF Authorization work Andrew McNab, University of Manchester
Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.
Navigating the Standards Landscape Andrew Owen SEARCH.
Global Grid Forum GridWorld GGF15 Boston USA October Abhishek Singh Rana and Frank Wuerthwein UC San Diegowww.opensciencegrid.org The Open Science.
WS-Trust “From each,according to his ability;to each, according to his need. “ Karl marx Ahmet Emre Naza Selçuk Durna
Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.
AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.
Manish Mehta, CS 590L Authentication Services in Open Grid Services by Manish Mehta April 27, 2004.
CaGrid 2.0 Security Prototype 1. Goals Prototype some proposed security solutions – Ensure interoperability across programming models – Ensure interoperability.
National Computational Science National Center for Supercomputing Applications National Computational Science GSI Online Credential Retrieval Requirements.
Grid Security: What is it? Where is it going? Why? Von Welch National Center for Supercomputing Applications Globus Alliance.
RUS: Resource Usage Service Steven Newhouse James Magowan
Grid Authorization Landscape and Futures Von Welch NCSA
Authorization GGF-6 Grid Authorization Concepts Proposed work item of Authorization WG Chicago, IL - Oct 15 th 2002 Leon Gommans Advanced Internet.
Sprint 116 Review / Sprint 117 Planning September 23th, 2013.
Status Update on Other GFIPM Activity Threads GFIPM Delivery Team Meeting November 2011.
February, TRANSCEND SHIRO-CAS INTEGRATION ANALYSIS.
Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.
Andrew McNabGESA/Authz, GGF9, 7 Oct 2003Slide 1 Authorization status Andrew McNab High Energy Physics University of Manchester
Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks OpenSAML extension library and API to support.
The Roadmap of NAREGI Security Services Masataka Kanamori NAREGI WP
Presented by: Sonali Pagade Nibha Dhagat paper1.pdf.
Copyright © 2009 Trusted Computing Group An Introduction to Federated TNC Josh Howlett, JANET(UK) 11 June, 2009.
L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.
Sprint Demo Meeting Álvaro Alonso and Federico Fernández UPM – DIT Security Chapter. FIWARE.
Law Enforcement Information Sharing Program (LEISP) Federated Identity Management Pilot February 27, 2006.
OGSA-WG Basic Profile Session #1 Security
JRA3 Introduction Åke Edlund EGEE Security Head
Usecases and Requirements for OGSA-Security
OGSA Status and Future GGF13 March 14, 2005 in Seoul
Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)
GWS-WG: summary and objectives
University of Virginia, USA GGF9, Chicago, Illinois, US
OGF 21 Seattle Washington
Overview and Development Plans
Grid Security: What is it? Where is it going? Why?
Example Use Case for Attribute Authorities and Token Translation Services - the case for eduGAIN Andrea Biancini.
NSF Middleware Initiative: GridShib
Presentation transcript:

OGSA Security Roadmap Discussion GGF5 – 7/24/02

Outline l Introduction l Architecture Goal l Roadmap Goal l Proposed Specs l Challenges l Next Steps l … l Discussion

OGSA Security Architecture Goal l Address the Grid Security Requirements l Leverage existing/emerging Frameworks/Architecture/Standards l High Level

OGSA Security Roadmap Goal l Address the Grid Security Architecture Requirements l Make Implementations Possible l Address Interoperability l Address Pluggability/Replaceability l Address missing/late/insufficient Standards

Leverage existing/emerging Security Standards l WS-Security/Policy/Trust/Federation/ Authorization/SecureConversation/Privacy l XKMS, XML-Signature/Encryption, SAML, XACML, XrML l But… –Need to OGSA’fy –Need to define Profile/Mechanisms –Need to define Naming conventions –Need to address late/missing specs

Security Services

CategorySpecifications Naming OGSA Identity OGSA Target/Action Naming OGSA Attribute and Group Naming Transient Service Identity Acquisition Translation between Security Realms Identity Mapping Service Generic Name Mapping Policy Mapping Service Credential Mapping Service Authentication Mechanism Agnostic OGSA Certificate Validation Service OGSA-Kerberos Services Pluggable Session Security GSSAPI-SecureConversation Pluggable Authorization Service OGSA-Authorization Service Proposed Specs. (1)

CategorySpecifications Authorization Policy Management Coarse-grained Authorization Policy Management Fine-grained Authorization Policy Management Trust Policy Management OGSA Trust Service Privacy Policy Management Privacy Policy Framework VO Policy Management VO Policy Service DelegationIdentity Assertion Profile Capability Assertion Profile Proposed Specs. (2)

CategorySpecifications Firewall FriendlyOGSA Firewall Interoperability Security Policy Expression and Exchange Grid Service Reference and Service Data Security Policy Decoration Secure Service Operation Secure Service’s Policy and Processing Service Data Access Control Audit and Secure Logging OGSA Audit Service OGSA Audit Policy Management Proposed Specs. (3)

Firewall “Friendly”

Challenges l Empty WS Security Architecture boxes l Dependencies on other Standards Orgs l Grid Community & Industry Participation l Time l High expectations…

Proposed Charter l Produce and maintain Architecture and Roadmap docs –Identify OGSA Security requirements l Identify and initiate other Security WG associated with needed specs. l Coordinate and participate in external Standardization efforts –Specifically related to the emerging WS Security Architecture

Next Steps l OGSA Security WG Charter –OGSA Security Architecture & Roadmap docs. l Refining the Architecture & Roadmap –Dependencies & timelines –Add missing specs & delete obsolete ones l Solicit/ask/force/bribe people/orgs/companies to commit to work on the specs l Formation of other OGSA-security WGs –Address different specs. l Ensure “Grid–focus” in other Standards Orgs

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.