This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/wiki/do/viewPage/projects.sec/wiki/LoAInitiative at Wed, 02 Nov 2022 23:43:29 GMT SourceForge : View Wiki Page: LoAInitiative

Project Home

Tracker

Documents

Tasks

Source Code

Discussions

File Releases

Wiki

Project Admin
Search Wiki Pages Project: Security     Wiki > LoAInitiative > View Wiki Page
wiki1645: LoAInitiative

Levels of Assurance Activity Initiative

Ideas around "Levels of Assurance" have been receiving more and more attention, with the advance of federations and Authentication and Authorization infrastructures.

"LoA is defined as the strength of authentication required for a service provider to be assured that a resource access is only granted to users whose identities have been verified. It reflects the degree of confidence in an authentication process used to establish the identity of an entity (an individual or a software component) to whom the credential was issued, and the degree of confidence that the entity using the credential is indeed the entity that the credential was issued to."

Ning Zhang of Manchester University has taken the initiative to bring up the discussion on this activity in the OGF context.

Examples of questions that this activity could address are:

  • What are the existing definitions of LoA suited to Grid or VO environment?
  • How to apply LoA to safeguard Grid services/resources?
  • Are some onerous registration requirements or special condition stipulations due to perceived inadequacies in the strength of authentication?
  • Are there any limitations in terms of user accessibility, scalability and interoperability?

The activity can include discussion on how operational procedures affect LoA, how the various parameters and factors influence the overall LoA value in grid/VO environments, and come up with recommendations on how these factors can be taken into account. The purpose here is to consult, and to seek comments and feedbacks from, the communities concerned (including service providers, from e-Science, e-Business and e-Gov) on their views on the definition and applications of LoA in achieving fine-grained access control.

Everyone interested in such an activity is extremely welcome to attend this activity BoF session. If there is sufficient interest within OGF, the BoF can also discuss how the activity is best embedded in the OGF organisation; it is not necessarily the aim of this BoF to result in a new research or working group.

LoA BoF session at OGF19 (Chapel Hill)

The BoF session attracted 18 participants and concluded with a proposal for establishing a research group and a work programme comprising two document

  • Overview of current LoA criteria and the relation to the risk analysis by relying parties in an e-Science context: What is it that relying parties really need to know about an identity assertion, what qualities do they require, and which attributes do they 'need to know' about an assertion provider in order to decide on trust in the assertion?
  • gap analysis of reference definitions by current LoA standards and the requirements of grid and e-Science use cases for identity assertions: Current LoA definitions are intended for direct validation by a service provider and are mostly based on planned government and defence uses and on client-server electronic transactions. This work will identify the gaps between these definitions and the potential use of LoA in the grid context. Specific use cases will be gathered as part of this work.

Slides presented during the meeting can be found at http://www.ogf.org/gf/event_schedule/index.php?id=561

You can join the LoA-BoF mailing list via http://www.ogf.org/mailman/listinfo/loa-bof

Attachments:
SevenQuestions.doc [LoAInitiative/SevenQuestions.doc]
DocumentForOGF-ES-LoA-NingZhang.pdf [LoAInitiative/DocumentForOGF-ES-LoA-NingZhang.pdf]
 



Versions Associations Attachments (2) Back Links  
Version Version Comment Created By
Version 4 David Groep - 03/29/2007
Version 3 David Groep - 03/29/2007
Version 2 David Groep - 03/29/2007
Version 1 David Groep - 11/15/2006



The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/wiki/do/viewPage/projects.sec/wiki/LoAInitiative at Wed, 02 Nov 2022 23:43:35 GMT