uk contributions to edg security
Download
Skip this Video
Download Presentation
UK contributions to EDG Security

Loading in 2 Seconds...

play fullscreen
1 / 10

UK contributions to EDG Security - PowerPoint PPT Presentation


  • 114 Views
  • Uploaded on

UK contributions to EDG Security. Linda Cornwall, GridPP Middleware Meeting 24 th February 2003. Introduction. Security is important – without security the grid will fail. Yet Security is not a separate WP in EDG

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'UK contributions to EDG Security' - orpah


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
uk contributions to edg security

UK contributions to EDG Security

Linda Cornwall, GridPP Middleware Meeting

24th February 2003

introduction
Introduction
  • Security is important – without security the grid will fail.
  • Yet Security is not a separate WP in EDG
  • Security is not entirely about middleware – but is closely tied to middleware and middleware deployment.
  • Security is about policy, deployment, operations.
  • As well as depending on the middleware tools to carry these out.
uk s main contributions
UK’s main Contributions
  • DataGrid Security Co-ordination Group – Lead by David Kelsey (RAL)
  • Certificate Authorities Working Group – Lead by David Kelsey (RAL)
  • UK CA at the CLRC e-science centre.
  • BaBar VO (Virtual Organization)
  • Security Middleware development by Andrew McNab (Manchester)
  • Security Analysis by Gavin Lowe and Philippa Broadfoot (Oxford)
edg security coordination group scg
EDG Security Coordination Group (SCG)
  • Started in January 2002 (1 year into the DataGrid project)
  • Mandate:-
    • To Produce the EU deliverables of WP7 on Security.
    • To help co-ordinate, where necessary, the various Security activities taking place in WP’s 1 to 5 and WP7.
    • To liase with WP6 CA and Authorization groups, national Grid Projects and Globus
    • To contribute to the various versions of the Architecture of the EU DataGrid via input to ATF.
scg deliverable documents
SCG Deliverable Documents
  • D7.5 (EDG Security Requirements and Testbed 1 Security Implementation) edited and largely written by RAL (Linda Cornwall) Contributions from various WP’s, major contributions from the Oxford team.
  • D7.6 (EDG Security Design) – currently in preparation, major contributions from UK people (Manchester, RAL, Oxford.)
  • D7.7 (Security Report on the final project release) (due end of 2003).
certificate authorities ca s
Certificate Authorities (CA’s)
  • The CA WG has defined the minimum requirements and best practise for CA’s
  • Approx 20 edg CA’s
  • (Easy downloading of CA rpm’s to set up acceptance of various CA’s certificates, tools for keeping CRL’s up to date.)
  • Building intercontinental and inter-project trust – e.g. Crossgrid
  • Interoperability with Kerberos CA’s. In particular Fermilab
security deployment
Security Deployment
  • VOMS (Virtual Organization Management Service) will not be deployed until April
    • (VOMS signs a user’s proxy to confirm membership and roles within a Virtual Organisation.)
  • Many of the WP’s are only now integrating Security into their middleware
  • Difficult to feed into GridPP due to deployment being close to the end of GridPP.
security and gridpp2 middleware
Security and GridPP2 Middleware
  • Re-Engineering Middleware to move towards Service/Industrial quality. (FP6)
  • Re-engineering security middleware for interoperability between different systems.
  • Improving Security integration with GridPP developed middleware.
    • Integrating security that is being developed
    • Integrating Security that has been re-engineered.
    • Possibly Making Security OGSA compliant.
    • E.g. R-GMA at RAL.
security middleware analysis
Security Middleware Analysis
  • 2 aspects
    • Is the design secure?
    • Is the implementation secure?
  • It is possible to carry out a formal analysis of Security Design, there are experts in this at Oxford.
  • So far, have not been able to complete this – as the design has not been defined precisely enough to fully carry out this analysis.
future security involvement
Future Security Involvement
  • GridPP2 needs to be involved in Security to ensure
    • Middleware is secure
    • Middleware is adequate to satisfy requirements
    • Our policies are defined correctly
    • Sites have confidence in our Security
    • We feed into other major projects - EGEE, LCG
    • We contribute at an international/intercontinental level to the definition of standards. E.g. GGF.
  • Focus will move towards Procedures and Deployment
  • David Kelsey has been asked to lead the Security Group for LCG grid deployment policy.
ad