Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2007 Open Grid Forum Authentication Service Profile Christos Kanellopoulos 14 th EUGridPMA, Lisbon, PT October 7 th, 2008.

Published byGervase Shields Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2007 Open Grid Forum Authentication Service Profile Christos Kanellopoulos 14 th EUGridPMA, Lisbon, PT October 7 th, 2008."— Presentation transcript:

1 © 2007 Open Grid Forum Authentication Service Profile Christos Kanellopoulos 14 th EUGridPMA, Lisbon, PT October 7 th, 2008

2 © 2007 Open Grid Forum 2 Authentication Service Profiles https://forge.gridforum.org/sf/go/doc4856 Purpose of the document: Requirements for defining an Authentication Service Profile that can be used by IdPs to provide compliant Authentication Services Characteristics an Authentication Service Profile: An Authentication Service Profile provides a way for Grid Relying Parties (RP) to be able to identify and compare Authentication Services provided by Identity Providers An IdP can provide Authentication Services based upon one or more Authentication Service Profiles. 2

3 © 2007 Open Grid Forum 3 Requirements for Authentication Service Profiles 1.Authentication Service Management Describe who is responsible for the service and change control. Specify the community that will be served by the Authentication Service. Specify the scope of the service 2.General Architecture Describe the system architecture used to build the authentication service used by the Identity provider. How does the customer and management interface to the system? 3.Identities The Authentication Service must describe how identity is managed and communicated in the community. Each Authentication service must define Identity vetting rules, what each user does to prove the identity of the user, host or service identified as part of an organization. Identity revocation: how a person or system is removed from the service. Is there a special Acceptable Use Policy that applies? 3

4 © 2007 Open Grid Forum 4 Requirements for Authentication Service Profiles 4.Operational Requirements QOS for the authentication service: is 24/7 support or not, Trouble ticket reporting, Information request and general customer support. Required contact information, problem reporting/resolution procedures. 5.Facility Security For each authentication service used by the identity service provider describe the: Software, network, server and physical security at the site of the authentication service. Also describe: procedural controls, personnel security controls. Life cycle for security controls - How do you update/change security controls and keep the community informed? 6.Publication and Security responsibilities What information must published and maintain by the Authentication service. How long information must be maintained? Access rights to read or use the information. 4

5 © 2007 Open Grid Forum 5 Requirements for Authentication Service Profiles 7.Liability What liability or warranties are supported by the service? 8.Financial Responsibilities How do you pay for the service? Any financial responsibilities to your members? 9.Audits Do you audit each authentication service for compliance to your policies Do you conduct self audits or member audits or open to external audits 10.Privacy, confidentiality What are your privacy rules, IP policies, etc 11.Compromise and Disaster recover How do you handle exposed shared secrets or other compromised secrets? What facilities are in place to rebuild the service in the case of a disaster? How long would the service be out of commission if the service is compromised or damaged? 5

Download ppt "© 2007 Open Grid Forum Authentication Service Profile Christos Kanellopoulos 14 th EUGridPMA, Lisbon, PT October 7 th, 2008."

Similar presentations

Web Security for Network and System Administrators1 Chapter 1 Introduction to Information Security.

Web Security for Network and System Administrators1 Chapter 1 Introduction to Information Security.
Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Software Quality Assurance Plan

Software Quality Assurance Plan
Compliance storyboard: Classifying & controlling content at the input device.

Compliance storyboard: Classifying & controlling content at the input device.
Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.

Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.
Security Controls – What Works

Security Controls – What Works
CA-OPS Authentication Profiles Tony Genovese ATF team ESnet Lawrence Berkeley National Laboratory.

CA-OPS Authentication Profiles Tony Genovese ATF team ESnet Lawrence Berkeley National Laboratory.
NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam 2005-10-17 Milan Sova CESNET.

NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.

Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.
1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >

1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Security Awareness Norfolk State University Policies.

Security Awareness Norfolk State University Policies.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.

IOTA Questions for RPs Sept 9, 2013 Bucharest, Romania.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.

Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.
+1 (801) 877-2100 Standards for Registration Practices Statements IGTF Considerations.

+1 (801) Standards for Registration Practices Statements IGTF Considerations.

Similar presentations

Ads by Google