SourceForge : View Wiki Page: SecurityPolicy

This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/wiki/do/viewPage/projects.ipg/wiki/SecurityPolicy at Thu, 03 Nov 2022 15:23:27 GMT SourceForge : View Wiki Page: SecurityPolicy

User

Password

Logins Disabled

Search Wiki Pages Project: IPG Wiki > SecurityPolicy > View Wiki Page

wiki2170: SecurityPolicy

Security Policy

Authentication

Subject	DEISA	TeraGrid	EGEE	OSG	Naregi	WestGrid	Comments
X.509 PKI	Y	Y	Y	Y	?	Y
Use IGTF accredited CAs	Y	N	Y	Y	?	Y	TeraGrid defines its own list of CAs (some are IGTF accredited)
CA removal policy	N/A	N/A	Y	Y	?	N	OSG (will) have policy for CA removal. Currently EGEE expects all resource providers to deploy all approved IGTF CAs. Any exceptions must be reported to the Grid Security Officer WestGrid has not needed it yet
Support for other authentication methods	Y	Y	Y	Y	?	Y	EGEE/OSG accept Shibboleth-based CAs from IGTF. TeraGrid supports password-based authentication and is part of the InCommon Federation for Shibboleth authentication for their User Portal. DEISA supports password based AuthN. WestGrid - password based

Authorisation

Subject	DEISA	TeraGrid	EGEE	OSG	Naregi	WestGrid	Comments
Use VOMS	N	N	Y	Y	?	Y	EGEE/OSG also working on VO registration and VO membership management policies WestGrid supports VOMS only on systems that are part of the LCG.
Map X.509 DN to local database (e.g. LDAP)	Y	Y	Y	Y	?	Y	DEISA have additional user attributes in their LDAP database
Where is user registration	Site	Site	VO	VO	?	CC	“Project PI” has similar role to “VO Manager” Compute Canada (CC) central portal; security credentials created on WG portal

Accounting

Subject	DEISA	TeraGrid	EGEE	OSG	Naregi	WestGrid	Comments
Standards-based accounting	Y	Y	Y	Y	?	Y	Accounting essential everywhere
Sharing accounting data between Grids	N	N?	Y	Y	?	N	OSG and EGEE sharing accounting data for WLCG VOs WestGrid except there are a few exceptions: LCG gets data from our systems, but that is our grid. WestGrid shares account data with Compute Canada (CC); but that is not a "grid"
Accounting data privacy policy	Y at Site level	Y at Site level	Draft	Y	?	Y	JSPG working on Accounting Data policy - http://www.jspg.org/wiki/Grid_Policy_on_the_Handling_of_User-Level_Job_Accounting_Data WestGrid's privacy policy is not well documented.

Auditing

Subject	DEISA	TeraGrid	EGEE	OSG	Naregi	WestGrid	Comments
Common auditing policy	N	N	N	N	?	N
Shared common security incident response		Y	Y	Y	?	Y	OSG/EGEE share a common Incident Response policy. OSG/TG coordinate incident response via cross-subscriptions on email lists.
Policy on Traceability and Logging			Y		?	N

Show Details

The Open Grid Forum

Contact Webmaster | Report a problem | GridForge Help

SSL Certificates

This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/wiki/do/viewPage/projects.ipg/wiki/SecurityPolicy at Thu, 03 Nov 2022 15:23:30 GMT