CaGrid 2.0 Security Prototype 1. Goals Prototype some proposed security solutions – Ensure interoperability across programming models – Ensure interoperability.

Slides:

Advertisements

Similar presentations

0 McLean, VA August 8, 2006 SOA, Semantics and Security.

Advertisements

MyProxy Jim Basney Senior Research Scientist NCSA

1 SensorWebs and Security Experiences Dan Mandl Presented at WGISS Meeting in Toulouse, France May 11, 2009.

Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE -

Security Standards (…and Competing Standards … and Implementations … and Interoperability) Marty Humphrey Assistant Professor Computer Science Department.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

WS-Security TC Christopher Kaler Kelvin Lawrence.

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

WebFTS as a first WLCG/HEP FIM pilot

GFIPM Web Services Implementation Status Update GFIPM Delivery Team Meeting November 2011.

GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.

Public Key Infrastructure from the Most Trusted Name in e-Security.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Distributed Web Security for Science Gateways Jim Basney In collaboration with: Rion Dooley Jeff Gaynor

OGSA SEC WG [OGSA= Open Grid Services Architecture] Co-chairs: Nataraj Nagaratnam, IBM, USA Marty Humphrey University of Virginia, USA GGF9.

Introduction to the Data Exchange Hub (DEH) Project July 15, 2005.

Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.

Promoting Web Services Interoperability Across Platforms, Applications and Programming Languages Basic Profile 1.0 August 12, 2003 Copyright © 2003 by.

Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.

© 2011 Lantana Consulting Group, 1 Open Health Tools Membership Presentation July Lantana Consulting Group Transforming healthcare.

UNCLASSIFIED 1 Authorization and Attribute Service Tiger Team (AATT) Update & Status January 13, 2008

Supporting further and higher education The Akenti Authorisation System Alan Robiette, JISC Development Group.

Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.

Meteor & Mapping Your Future: Leveraging Technology to Provide Enhanced Services 3 rd Annual Conference on Technology & Standards May 2, 2006.

1 Globus Toolkit Security Rachana Ananthakrishnan Frank Siebenlist Argonne National Laboratory.

WS-Trust “From each,according to his ability;to each, according to his need. “ Karl marx Ahmet Emre Naza Selçuk Durna

AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.

Shibboleth: An Introduction

OGSA Security Roadmap Discussion GGF5 – 7/24/02. Outline l Introduction l Architecture Goal l Roadmap Goal l Proposed Specs l Challenges l Next Steps.

Semantic Web Technologies Research Topics and Projects discussion Brief Readings Discussion Research Presentations.

Access Control and Markup Languages Pages 183 – 187 in the CISSP 1.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security Token Service Valéry Tschopp - SWITCH.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

State of e-Authentication in Higher Education August 20, 2004.

E-Authentication in Higher Education April 23, 2007.

EOSDIS User Registration System (URS) 1 GES DISC User Working Group May 10, 2011 GSFC, NASA.

Manish Mehta, CS 590L Authentication Services in Open Grid Services by Manish Mehta April 27, 2004.

Prabath Siriwardena – Software Architect, WSO2. Patterns Standards Implementations Plan for the session.

Using WS-I to Build Secure Applications Anthony Nadalin Web Services Interoperability Organization (WS-I) Copyright 2008, WS-I, Inc. All rights reserved.

April, 2005 ebSOA Based on FERA Reference Model Vasco Drecun Collaborative Product Development Associates, LLC Goran Zugic ebXMLsoft Inc.

ESSRT In-Process Review September 10, Agenda 1.Work Completed Till Date 2.Scope of future activities and deliverables 2.

E-Authentication October Objectives Provide a flexible, easy to implement authentication system that meets the needs of AES and its clients. Ensure.

EMI is partially funded by the European Commission under Grant Agreement RI Federated Grid Access Using EMI STS Henri Mikkonen Helsinki Institute.

SAIF Effects on Interoperability Reviews WG Baris E. Suzek May, 25, 2010.

Security and Privacy for the Smart Grid James Bryce Clark, OASIS Robert Griffin, RSA Hal Lockhart, Oracle.

Web Services Security Mike Shaw Architectural Engineer.

INDIGO – DataCloud Security and Authorization in WP5 INFN RIA

OGF 43, Washington 26 March FELIX background information Authorization NSI Proposed solution Summary.

In Vivo Imaging Middleware — Phase 6 Ashish Sharma, Tony Pan, Y. Nadir Saghar.

CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.

L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.

Eclipse Foundation, Inc. Eclipse Open Healthcare Framework v1.0 Interoperability Terminology HL7 v2 / v3 DICOM Archetypes Health Records Capture Storage.

Bob Jones EGEE Technical Director

JRA3 Introduction Åke Edlund EGEE Security Head

Prime Service Catalog 12.0 SAML 2.0 Single Sign-On Support

University of Virginia, USA GGF9, Chicago, Illinois, US

Public Key Infrastructure from the Most Trusted Name in e-Security

Technical Approach Chris Louden Enspier

InfiNET Solutions 5/21/

Presentation transcript:

caGrid 2.0 Security Prototype 1

Goals Prototype some proposed security solutions – Ensure interoperability across programming models – Ensure interoperability across platforms, Java and.NET – Assess tools available for use and development efforts for production system 2

Deliverable 1 Security Token Service Exchange Username/Password for X.509 Certificate and SAML Holder of Key Assertion Provide interfaces to support SOAP and RESTful models Deploy test service for interoperability testing Document architecture and implementation Due date: Feb

Deliverable 2 Sample Secure Service Validate authentication using agreed token formats X.509 Certificate and SAML Holder of Key Assertion Provide interfaces to support SOAP and RESTful models Deploy test service for interoperability testing Due date: Feb

Interoperability Testing Goal: – Ensure tokens can be consumed across platforms – Planned platforms:.NET and Java platforms MD Anderson? and UVA (Marty Humphrey) – Will setup the.NET services – Test token usage and securing services Start Date: Feb

Deliverable 3 Pluggable Authorization – Augment secure service with authorization – Ability to process XACML policy – Programming interface agnostic – Due date: April

Deliverable 4 Web Single Sign On – Leverage effort by ESP team – Develop specific use cases Engagement with caCIS – Delegation of credential via Web Single Sign On – Due date: April