Description: |
Hi all,
Believe it or not, I (now !) have an excuse for not completing
my section - while I was working on Wiki site, it just crashed :o( Might
as well, as now I have a chance to run this by you all.
I wanted to add the following as comments to the security topic:
-----------------------------------------------
Writing about security in the primer is a difficult task
especially as the OGSI is very much silent on security. Most of the
security is left to the different implementations and possibly to the
set of specifications. My thought is to touch security only with respect
to the primitives in OGSI/OGSA and also describe only actual use cases
and working grids than pundify on various mechanisms.
With that in mind, here are some topics I am thinking of. Would
appreciate feedback now as well as at the BOF
1. ServiceData access, visibility and exposure controls - how to
express, exchange and process
2. WSDL security - i.e. security of the exposed interfaces
3. Trust mechanisms - establish, bootstrap and use
4. X.509 and Kerberos usage in a grid scenario
5. Infosec issues - firewall traversal, any ACL and other
requirements for grid installation
6. VO security architecture based on 1-5 above
Potential topics:
1. Should we touch authC and authZ ? If so at what level ?
2. Is this a place for transport, message and service level
security details ?
3. ...
----------------------------------------------
Thoughts ?
Krishna Sankar
. |