Middleware Security Group Meeting

Europe/Zurich
SLAC

Bob Cowles, Ake Edlund
Description
Goal of the meeting: Update on current global security architecture work. Discuss future global security architecture work. The meeting is in the Research Office Building (ROB), building number 48, on the north side of the campus (30-B on the map: http://www2.slac.stanford.edu/maps/slacarea.html#gridMap). The meeting room is Redwood A-B on the south side of the building.
    • Kick-off
    • glexec / managing dynamic change of users at runtime
      • 1
        glexec - update
        Speaker: Gerben Venekamp (NIKHEF, NL)
        transparencies
      • 2
        glExec and its Integration into the OSG Software Stack
        Speaker: Keith Chadwick (Fermilab, USA)
        transparencies
      • 11:00
        Coffee
    • WS-naming effort in GGF

      WS-naming effort in GGF, and report on a related identifier services framework we're designing/coding for caBIG.

      transparencies
    • Deb Agarwal & Brian Tierney
    • Lunch
    • Auditing
      • 3
        Auditing topics
        (1) gPlazma: quick current design/implementation, future IDP-wall and Auditing extensions. (2) Auditing: help facilitate discussion with Bob. (3) SRM CET: I am co-PI on the SciDAC proposal. I can give a brief idea of goals (goal is to build a full-fledged multi-VO-multi-site SRM Security & Policy Framework, contributing to SAML/XACML future specs and thus possibly OGSA-Authz-2 and beyond).
        Speaker: Abhishek Sing Rana
      • 15:00
        Coffee
      • 4
        Auditing requirements
        What do we want from an auditing system? What information MUST be there, what MAY be there, etc.
    • Security Process and Plans
      • 5
        OSG Security Activities
        Speaker: Bob Cowles (SLAC)
        transparencies
      • 6
        The NIST Process and how it informs the OSG Security Process
        Speaker: Irwin Gaines (Fermilab, USA)
        transparencies
      • 7
        Open Science Grid VO Trust and AUP
        Speaker: Keith Chadwick (Fermilab, USA)
        transparencies
      • 11:00
        Coffee
      • 8
        EGEE Security Coordination Group
        Speaker: Ake Edlund (KTH)
        transparencies
      • 9
        EGEE and JSPG activities
        Speaker: Dave Kelsey (Rutherford Appleton Laboratory)
        transparencies
      • 10
        EGEE Grid Security Vulnerability Group
        Speaker: Linda Cornwall (presented by Dave Kelsey) (Rutherford Appleton Laboratory)
        transparencies
      • 11
        gLite 3.0 update and plans
        Speaker: John White (CERN)
        transparencies
    • Lunch
    • Authorization - Status and Plans
      • 12
        Recent Updates in the Privilege Project
        Speaker: Vikram Andem (Fermilab, USA)
        transparencies
    • xrootd
      • 13
        Dealing with firewalls: xrootd proxy architecture
        The xrootd data server, part of the Scalla Software Suite, allows external client access to data protected by firewalls using proxy servers. Since xrootd is a peer-to-peer architecture, servers can be recast as clients, making it natural to provide a proxy data service. This talk describes the xrootd proxy mechanism, how proxy clusters can be defined, and the future direction of using proxy services to provision peer cross-domain data networks.
        Speaker: Andrew Hanushevsky (SLAC)
        transparencies
      • 14
        The Authentication and Authorization Framework used in xrootd
        The xrootd data server, part of the Scalla Software Suite, uses a generic authentication framework implemented via dynamic plug-ins. This architecture provides multi-protocol authentication capabilities and allows clients to auto-configure themselves to correspond to the authentication protocols supported by each server. Adding a new authentication protocol is accomplished by creating and distributing an external authentication-specific plug-in shared library. Currently, plug-ins exist for GSI, Kerberos 4 and 5, and simple password authentication. The server-centric authorization mechanism is implemented in a similar manner. This talk describes the authentication and authorization frameworks and how they can be used by other middleware needing comparable facilities.
        Speaker: Andrew Hanushevsky (SLAC)
        transparencies
    • Round-up, summary, what's next

      During this meeting, we'll discuss the attached MWSG-9-Conclusions.txt document: content, names, dates

      actionlist