This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/wiki/do/viewPage/projects.pgi-wg/wiki/ReqAA9 at Fri, 04 Nov 2022 17:53:41 GMT SourceForge : View Wiki Page: ReqAA9
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Search Wiki Pages Project: pgi-wg     Wiki > ReqAA9 > View Wiki Page
wiki2341: ReqAA9

Req. Nb ID Description Source Areas Dependencies Status Date
AA9 32 There must be a mechanism which allows users to manage Activities submitted by other users (access control lists/methods/policies).
In order to authorize (or not) an request on an Activity, each instance of the Execution Service MUST enforce a consistent authorization method. 		Luigi Zangrando Security, Activity Management   Agreed YES 2010-04-28

Luigi Zangrando on 2010-03-19

  • Propose requirement with title  'We must authorize a user to manage Activities submitted by other users'

Morris, Balazs and Etienne on 2010-04-21

  • At the end of the title, add 'access control lists/methods/policies'
  • Spreadsheet ID = 32

Etienne Urbah's position on 2010-04-22

  • An Activity is clearly a GLUE entity.  So, for generality, I suggest to change the original title to :
    'In order to authorize (or not) an request on a GLUE entity, all service instances MUST enforce a consistent authorization method,
    and SHOULD use the authorization framework specified by the grid infrastructure on which they are running'
  • If you prefer to stick to Activities managed by an Execution Service, I suggest following more dedicated title :
    'In order to authorize (or not) an request on an Activity, each instance of the Execution Service MUST enforce a consistent authorization method,
    and SHOULD use the authorization framework specified by the grid infrastructure on which it is running'
  • As a particular case, any Client is therefore able to manage any Activity on which the Client has authorization
  • This has an impact on the the definition of a 'Client' in the context of PGI :
    - Until now, I thought that a 'Client' was simply the Submitter of an Activity
    - From now on, I think that a 'Client' is a holder of credentials belonging to member of a GLUE UserDomain
    I have proposed this modification inside the Vocabulary
  • Anyway, I vote FOR this requirement

Amsterdam meeting on 2010-04-28

  • Change title to :
    'There must be a mechanism which allows users to manage Activities submitted by other users (access control lists/methods/policies).
    In order to authorize (or not) an request on an Activity, each instance of the Execution Service MUST enforce a consistent authorization method.'
  • Agreed YES
 

 
Hide Details
 


Versions Associations Attachments Back Links  
Version Version Comment Created By
Version 7 Etienne URBAH - 05/06/2010
Version 6 ! Amsterdam meeting on 2010-04-28 * Change title to :\\ 'There must be a mechanism which allows users to manage Activities submitted by other users (access control lists/methods/policies)\\ In order to authorize (or not) an request on an Activity, each instance of the Execution Service MUST enforce a consistent authorization method' * Agreed YES Etienne URBAH - 05/06/2010
Version 5 Etienne URBAH - 04/28/2010
Version 4 Etienne URBAH - 04/22/2010
Version 3 Etienne URBAH - 04/22/2010
Version 2 Suggest more general titles - Impact on the definition of Client Etienne URBAH - 04/22/2010
Version 1 ! Morris, Balazs and Etienne on 2010-04-21 * At the end of the title, add 'access control lists/methods/policies' * Spreadsheet ID = 32 Etienne URBAH - 04/21/2010


The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/wiki/do/viewPage/projects.pgi-wg/wiki/ReqAA9 at Fri, 04 Nov 2022 17:53:48 GMT