This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.info_saaar_reqs.comments at Thu, 03 Nov 2022 23:24:23 GMT SourceForge : Post
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Project: Editor     Discussion > INFO: SAAAR-Reqs > Comments > List of Posts
Forum Topic - Comments: (1 Item)
View:  as 
 
Update
 
Greg Newby
08/11/2004 3:12 PM
post4439
Comments
This mostly reads like a security primer, without too much that is specific to Grid computing.  I guess this is OK, but 
hope that eventually the Grid-specific elements will be separated out from industry standard "best practices."  Some 
specific comments:

Authorization != authentication
Under 1.2, aren't you talking about authentication, not authorization?

What's a VO?
There are a few places where VO is used ambigiously, and probably should be defined better.  If VOs operate at the 
service level (my understanding), they should not be conflated with system-level or user-level access control

Granularity (2.4.6)
It seems to me that anything other than user, group or VO-levels of authorization will be application dependent, and 
difficult or impossible to standardize.  Do you have a notion as to what, for example, file-level authorization might 
look like?

Certifying authorities
Do all members of a VO need to agree on signing (and thereby revocation) authorities?  Is PKI always required?  (These 
questions might be a little too conceptual, or simply require deferment to OGSA)

 
Return
 

The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.info_saaar_reqs.comments at Thu, 03 Nov 2022 23:24:24 GMT