This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/projects.ggf-editor/discussion.info_saaar_reqs.comments at Sun, 06 Nov 2022 09:03:05 GMT SourceForge : Post

Project Home

Tracker

Documents

Tasks

Source Code

Discussions

File Releases

Wiki

Project Admin
Project: Editor     Discussion > INFO: SAAAR-Reqs > Comments > List of Posts
Forum Topic - Comments: (1 Item)
View:  as 
 
 
Comments
This mostly reads like a security primer, without too much that is specific to Grid computing.  I guess this is OK, but 
hope that eventually the Grid-specific elements will be separated out from industry standard "best practices."  Some 
specific comments:

Authorization != authentication
Under 1.2, aren't you talking about authentication, not authorization?

What's a VO?
There are a few places where VO is used ambigiously, and probably should be defined better.  If VOs operate at the 
service level (my understanding), they should not be conflated with system-level or user-level access control

Granularity (2.4.6)
It seems to me that anything other than user, group or VO-levels of authorization will be application dependent, and 
difficult or impossible to standardize.  Do you have a notion as to what, for example, file-level authorization might 
look like?

Certifying authorities
Do all members of a VO need to agree on signing (and thereby revocation) authorities?  Is PKI always required?  (These 
questions might be a little too conceptual, or simply require deferment to OGSA)

 
 


The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/projects.ggf-editor/discussion.info_saaar_reqs.comments at Sun, 06 Nov 2022 09:03:05 GMT