TWiki>
EMI Web>EmiProjectStructure>JRA1>EmiJra1>EmiJra1T4Security>EmiJRA1SecArchDoc (2013-04-03, JohnWhite)
EditAttachPDF
EMI Web>EmiProjectStructure>JRA1>EmiJra1>EmiJra1T4Security>EmiJRA1SecArchDoc (2013-04-03, JohnWhite) EditAttachPDF Placeholder for the Security Architecture Document.
| Section Heading | Source/Responsible | Contacted | Submitted | Completed |
| 2.1 Definition of Security Architecture | Mostly from EGEE MJRA1.4. I need input from all on this! |  |
|
 |
| 2.2 Trust, Authentication and Authorization: A Terminology (Definitions of the most important concepts) | Mostly from EGEE MJRA1.4. John. | |
|
|
| 2.3 Virtual Organization, Sites and Common Grid Services (Definitions, brief description of the major grid services and how security applies to them) | Directly from EGEE MJRA1.4. John. Will need checking by UNICORE and ARC. (Bernd,Weizhong) | |
|
|
| 3 Authentication | Directly from EGEE MJRA1.4 . John. Input from David G. | |
|
|
| 3.1 Identity Credential Formats | Directly from MJRA1.4. John. Input from Bernd for UNICORE | |
|
|
| 3.2 Bootstrapping Authentication | Directly from EGEE MJRA1.4. John. | |
|
|
| 3.3 Enforcing Validity Constraints | Directly from EGEE MJRA1.4. John. Need input from Bernd,Weizhong. | |
|
|
| 3.4 EMI Common Authentication Libraries | New text from CANl PT. Zdenek | |
|
|
| 3.4.1 C CANl | New text from CANl | |
|
|
| 3.4.2 C++ CANl | New text from CANl | |
|
|
| 3.4.3 Java CANl | New text from CANl | |
|
|
| 3.5 Revocation | Directly from EGEE MJRA1.4 (updating by Oscar). | |
|
|
| 3.6 Certificate Renewal | Directly from from EGEE MJRA1.4. John. | |
|
|
| 3.7 Delegation | Text from EGEE MJRA1.4 updated by Paul Millar. Input from NIKHEF | |
|
|
| 3.8 Renewal of Proxy Certificates. | Text needs updating by Daniel K. | |
|
|
| 3.9 Anonymity, Privacy, Pseudonymity | Text from EGEE MRA1.4 to be updated by Henri M. | |
|
|
| 4 Federated Identities | Henri to check. | |
|
|
| 4.1 STS | New text from Henri | |
|
|
| 5 Authorization | |
|
|
|
| 5.1 Introduction | From MJRA1.4. John | |
|
|
| 5.2 VOMS and UVOS | Andrea for VOMS. Bernd for UVOS. | |
|
|
| 5.2.1 UVOS | Krzysztof for UVOS. | |
|
|
| 5.2.2 VOMS | Andrea for VOMS. | |
|
|
| 5.3 Policy definition and management | New text on XACML and SAML profiles. Updated by Simon. | |
|
|
| 5.4 Argus AuthZ service | Text from MJRA1.4. Updated by Simon. | |
|
|
| 5.5 Identity Switching on the Worker Nodes | Text from MJRA1.4. Need updating by Oscar/Mischa. | |
|
|
| 6 Data Management | |
|
|
|
| 6.1 Unencrypted Data Storage. | From MJRA1.4. John | |
|
|
| 6.1.1 DPM/LFC | Directly from MJRA1.4 | |
|
|
| 6.1.2 dCache. | Asked Patrick for some text. | |
|
|
| 6.1.3 StoRM | Asked for some text. | |
|
|
| 6.1.4 FTS | Directly from MJRA1.4 | |
|
|
| 6.2 Encrypted Data Storage. | This is the Hydra section. John. | |
|
|
| 7 Logging, Tracing and Auditing | Updating of text from Mischa/Oscar/David G. | |
|
|
| 8 Security Management and Threats Handling | New text from Mischa/Oscar/David G. | |
|
|
| 8.1 Software Security Management | New text from Mischa/Oscar/David G. | |
|
|
| 8.2 Bug fixing, Emergency Releases, etc. | Text added Needs work later. | |
|
|
| 8.3 Grid Services Security Assessment. | Elisa Heyman | |
|
|
| 9 International Collaborations | ||||
| 9.1 OGF, IGTF, IGE | Need to ask this from Morris | |
|
|
| 10 Assessment, Strengths, ideas for improvement | This comes from everyone. Free form... | |
|
|
| I | Attachment | History | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|---|
 odt |
EMI_Security_Architecture_v0.1.odt | r49 r48 r47 r46 r45 | manage | 1395.1 K | 2013-03-07 - 13:49 | JohnWhite | |
| odt |
EMI_Security_Architecture_v0.2.odt | r2 r1 | manage | 1395.4 K | 2013-03-07 - 16:21 | JohnWhite | |
| odt |
EMI_Security_Architecture_v0.3.odt | r1 | manage | 1395.0 K | 2013-03-26 - 13:25 | JohnWhite | |
| odt |
EMI_Security_Architecture_v0.4.odt | r4 r3 r2 r1 | manage | 1407.9 K | 2013-04-03 - 15:36 | JohnWhite | |
 pdf |
SecArch_v3.pdf | r2 r1 | manage | 158.2 K | 2012-11-02 - 15:50 | JohnWhite |
EMI Web
News
Events
Procedures and Tools
Mailing Lists
Documents
Project Structure
Create New Topic
Index
Search
Changes
Statistics- ABATBEA
- ACPP
- ADCgroup
- AEGIS
- AfricaMap
- AgileInfrastructure
- ALICE
- AliceEbyE
- AliceSPD
- AliceSSD
- AliceTOF
- AliFemto
- ALPHA
- Altair
- ArdaGrid
- ASACUSA
- AthenaFCalTBAna
- Atlas
- AtlasLBNL
- AXIALPET
- CAE
- CALICE
- CDS
- CENF
- CERNSearch
- CLIC
- Cloud
- CloudServices
- CMS
- Controls
- CTA
- CvmFS
- DB
- DefaultWeb
- DESgroup
- DPHEP
- DM-LHC
- DSSGroup
- EGEE
- EgeePtf
- ELFms
- EMI
- ETICS
- FIOgroup
- FlukaTeam
- Frontier
- Gaudi
- GeneratorServices
- GuidesInfo
- HardwareLabs
- HCC
- HEPIX
- ILCBDSColl
- ILCTPC
- IMWG
- Inspire
- IPv6
- IT
- ItCommTeam
- ITCoord
- ITdeptTechForum
- ITDRP
- ITGT
- ITSDC
- LAr
- LCG
- LCGAAWorkbook
- Leade
- LHCAccess
- LHCAtHome
- LHCb
- LHCgas
- LHCONE
- LHCOPN
- LinuxSupport
- Main
- Medipix
- Messaging
- MPGD
- NA49
- NA61
- NA62
- NTOF
- Openlab
- PDBService
- Persistency
- PESgroup
- Plugins
- PSAccess
- PSBUpgrade
- R2Eproject
- RCTF
- RD42
- RFCond12
- RFLowLevel
- ROXIE
- Sandbox
- SocialActivities
- SPI
- SRMDev
- SSM
- Student
- SuperComputing
- Support
- SwfCatalogue
- TMVA
- TOTEM
- TWiki
- UNOSAT
- Virtualization
- VOBox
- WITCH
- XTCA
 |
|
Copyright &© 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback