This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/docman/do/viewDocument/projects.pgi-wg/docman.root.input_documents.security_material.delegation/doc15455?nav=1 at Sun, 06 Nov 2022 11:21:56 GMT SourceForge : Document Details
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Search Documents
Project: pgi-wg     Documents > Root Folder > Input Documents > Security Material > Delegation > Document Details
Document Details (Active Version)
Document Name: Restricted Impersonation - X509 and SAML
Document ID: doc15455
Description: The security improvements achieved with X509 restriction attributes rely completely on the fact that the X509 proxies (containing DN, Issuer, Validity, VOMS extensions, Restriction attributes, ...) are GLOBALLY SIGNED.

The following method proposed by Unicore could have security issues :
– a separate X509 proxy for authentication and quick Yes/No authorization,
– a separate bag of SAML assertions used for fine-grained authorizations and access rights restrictions.
Version Comment:
Version Created By: Etienne URBAH - 01/23/2009 9:32 AM EST
Status: Draft
Current Version: 1
Size: 84.5 KB
Lock:  Unlocked

Versions Associations Review  
  Active Version Version Comment Review Created By Status
Active Version 1 Etienne URBAH - 01/23/2009 Draft

 
Return
 
 
Open Document
 
 
< Previous
 
 
Next >
 


The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/docman/do/viewDocument/projects.pgi-wg/docman.root.input_documents.security_material.delegation/doc15455?nav=1 at Sun, 06 Nov 2022 11:21:59 GMT