This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/sfmain/do/go/doc15455?nav=1&selectedTab=associations at Sun, 06 Nov 2022 11:21:48 GMT SourceForge : Document Details

Project Home

Tracker

Documents

Tasks

Source Code

Discussions

File Releases

Wiki

Project Admin
Project: pgi-wg     Documents > Root Folder > Input Documents > Security Material > Delegation > Document Details
Document Details (Active Version)
Document Name: Restricted Impersonation - X509 and SAML
Document ID: doc15455
Description: The security improvements achieved with X509 restriction attributes rely completely on the fact that the X509 proxies (containing DN, Issuer, Validity, VOMS extensions, Restriction attributes, ...) are GLOBALLY SIGNED.

The following method proposed by Unicore could have security issues :
– a separate X509 proxy for authentication and quick Yes/No authorization,
– a separate bag of SAML assertions used for fine-grained authorizations and access rights restrictions.
Version Comment:
Version Created By: Etienne URBAH - 01/23/2009 9:32 AM EST
Status: Draft
Current Version: 1
Size: 84.5 KB
Lock:  Unlocked

Versions Associations Review  

Date Association Posted By Comment Association Type
No results found.



The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/sfmain/do/go/doc15455?nav=1&selectedTab=associations at Sun, 06 Nov 2022 11:21:48 GMT