There are numerous authorization frameworks available today and we
have tried to give an overview of the functionality and suitability of some
of the most prominent of these. Of those we have listed here, the PERMIS
middleware is arguably the most mature solution, with tools available for
security policy specification and enforcement, for linkage to grid services
in a generic manner, and for linkage to Shibboleth. However, wider uptake
and application across a range of different scenarios is still needed before
these solutions can be hardened into production-quality products. For example,
considerable effort is still required to deploy and configure PERMIS and to
make it interwork with Globus, OMII, and Shibboleth. This will no doubt
resolve in time, but it requires more community effort in exploring practical
experiences with these solutions and in seeing whether they meet the critical
needs of the research community.
Issues not discussed here but essential to consider include fabric
management. Grids will always be seen as a threat if they ignore fabric
management. A unified treatment and associated framework for analyzing
the security of grid applications, grid middleware, and the underlying OS
is needed. If VOs are to be truly secure, then blindly trusting partners to
take the necessary steps is naïve. Instead, tools are needed to assess the
security infrastructures and software across sites before VOs are
established. Will site X want to collaborate with site Y if site Y allows
telnet access, or runs an older version of software with known security
holes? Configuration management needs to be brought to the fore in
understanding the establishment, management, and monitoring of VO fabrics.
This may well include patterns of usage, for example. Exploratory work in
this area is presented in [37].
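As an added example (not code from this chapter or from any of the grid projects it names), the following Python sketches the kind of pre-VO site assessment the paragraph calls for: each candidate site's reported inventory is checked against a baseline the partners would agree on, with cleartext services such as telnet and software below a minimum version flagged as blocking. The site names, service lists, package names and minimum versions are constructed for illustration and are not real advisories.

```python
"""Pre-VO site assessment against a shared security baseline.

Added example: checks constructed site inventories against a constructed
baseline (forbidden cleartext services, minimum software versions) and
decides whether a site is admissible to the VO before it is federated.
"""
from dataclasses import dataclass

# Constructed baseline the VO partners agree on before federating.
FORBIDDEN_SERVICES = {"telnet", "rsh", "rlogin", "ftp"}
MINIMUM_VERSIONS = {
    "openssh": "7.4",           # illustrative minimum, not a real advisory
    "globus-gridftp": "12.0",   # illustrative package name and minimum
}


@dataclass
class SiteInventory:
    name: str
    listening_services: set     # service names reported as listening
    software: dict              # package name -> installed version string


@dataclass
class Finding:
    site: str
    severity: str               # "block" stops federation, "warn" does not
    detail: str


def parse_version(version: str) -> tuple:
    """Turn '8.2p1' into (8, 2): keep the leading digits of each dotted field
    and stop at the first field without any, so vendor suffixes do not break
    the comparison."""
    parts = []
    for piece in version.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def assess_site(site: SiteInventory) -> list:
    """Return all findings for one site against the baseline."""
    findings = []
    for svc in sorted(site.listening_services & FORBIDDEN_SERVICES):
        findings.append(Finding(site.name, "block",
                                f"cleartext service exposed: {svc}"))
    for pkg, minimum in MINIMUM_VERSIONS.items():
        installed = site.software.get(pkg)
        if installed is None:
            # Unreported software cannot be verified; surface it rather than assume.
            findings.append(Finding(site.name, "warn",
                                    f"{pkg} not reported; version unverified"))
        elif parse_version(installed) < parse_version(minimum):
            findings.append(Finding(site.name, "block",
                                    f"{pkg} {installed} is below baseline {minimum}"))
    return findings


def vo_admissible(site: SiteInventory) -> bool:
    """A site joins the VO only if it has no blocking findings."""
    return not any(f.severity == "block" for f in assess_site(site))


# Constructed inventories for three candidate sites.
SITE_X = SiteInventory("site-x", {"ssh", "gridftp"},
                       {"openssh": "8.2p1", "globus-gridftp": "13.0"})
SITE_Y = SiteInventory("site-y", {"ssh", "telnet", "gridftp"},
                       {"openssh": "5.3p1", "globus-gridftp": "13.0"})
SITE_Z = SiteInventory("site-z", {"ssh"}, {"openssh": "8.2p1"})

if __name__ == "__main__":
    for site in (SITE_X, SITE_Y, SITE_Z):
        print(site.name, "admissible" if vo_admissible(site) else "REJECTED")
        for f in assess_site(site):
            print("   ", f.severity.upper(), f.detail)
```

In this model site-y is rejected on two counts (telnet exposed, OpenSSH below baseline) while site-z is admitted with a warning because it did not report a GridFTP version; in practice the inventory would come from the sites' own configuration management rather than being trusted as self-declared.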
Shibboleth represents a clear opportunity to overcome the current issues
with PKI-based security. Trust federations at an institutional level, where
users authenticate at their home site and have appropriate attributes
released to service providers (which use them to make authorization
decisions), change the dynamic of security. There has always been a large
degree of trust in the grid community: trust of users, trust of sites, trust of
CAs, and so on. Hence Shibboleth does not add a fundamentally new trust
requirement. Instead, trust is moved to the IdPs (which must ensure that they
have appropriately strong authentication and authorization schemes) and to
the WAYFs (which ensure that the "correct" IdPs are identified and matched
with SPs).
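As an added example (not code from this chapter, nor from the Shibboleth, PERMIS or Globus projects), the following Python models the flow just described: the home IdP authenticates the user and releases only the attributes its policy allows for a given SP, and the SP decides from the released attributes alone, using the DN by itself where accounting is all that is required and VO membership and role where the VO is more prescriptive. The attribute names follow eduPerson; the entitlement URN scheme, SP entity IDs and user records are constructed for the example.

```python
"""Attribute release and SP-side authorization, Shibboleth style.

Added example: an IdP releases attributes per SP according to its
attribute-release policy; the SP maps VO membership and role out of
entitlement values and authorizes from what it actually received.
"""

# Constructed IdP user store: grid-style attributes held at the home site.
# The urn:x-example:... entitlement scheme is invented for this example.
IDP_USERS = {
    "alice": {
        "eduPersonPrincipalName": "alice@example-uni.ac.uk",
        "x509SubjectDN": "/C=UK/O=eScience/OU=ExampleUni/CN=alice",
        "eduPersonEntitlement": {
            "urn:x-example:vo:climate:member",          # VO membership
            "urn:x-example:vo:climate:role:analyst",    # role within the VO
        },
    },
    "bob": {
        "eduPersonPrincipalName": "bob@example-uni.ac.uk",
        "x509SubjectDN": "/C=UK/O=eScience/OU=ExampleUni/CN=bob",
        "eduPersonEntitlement": set(),                  # member of no VO
    },
}

# Constructed attribute-release policy: which attributes each SP may see.
ACCOUNTING_SP = "https://accounting.example-grid.org/shibboleth"
COMPUTE_SP = "https://compute.example-grid.org/shibboleth"
RELEASE_POLICY = {
    ACCOUNTING_SP: {"x509SubjectDN"},
    COMPUTE_SP: {"x509SubjectDN", "eduPersonEntitlement"},
}


def release_attributes(user: str, sp_entity_id: str) -> dict:
    """IdP side: after authenticating the user, release only the attributes
    the policy allows for this SP. Unknown SPs get nothing."""
    allowed = RELEASE_POLICY.get(sp_entity_id, set())
    return {k: v for k, v in IDP_USERS[user].items() if k in allowed}


def map_vo_attributes(entitlements) -> tuple:
    """SP side: decode VO memberships and (vo, role) pairs from the
    constructed URN forms urn:x-example:vo:<vo>:member and
    urn:x-example:vo:<vo>:role:<role>. Anything else is ignored."""
    vos, roles = set(), set()
    for urn in entitlements:
        parts = urn.split(":")
        if len(parts) < 5 or parts[:3] != ["urn", "x-example", "vo"]:
            continue
        vo = parts[3]
        if parts[4] == "member" and len(parts) == 5:
            vos.add(vo)
        elif parts[4] == "role" and len(parts) == 6:
            roles.add((vo, parts[5]))
    return vos, roles


def authorize(released: dict, required_vo=None, required_role=None) -> tuple:
    """SP side: decide from released attributes only.
    Returns (decision, accounting_identity)."""
    dn = released.get("x509SubjectDN")
    if dn is None:
        return "deny", None            # no identity to account usage to
    if required_vo is None:
        return "permit", dn            # accounting-only service: DN suffices
    vos, roles = map_vo_attributes(released.get("eduPersonEntitlement", set()))
    if required_vo not in vos:
        return "deny", dn
    if required_role is not None and (required_vo, required_role) not in roles:
        return "deny", dn
    return "permit", dn


if __name__ == "__main__":
    print(authorize(release_attributes("alice", ACCOUNTING_SP)))
    print(authorize(release_attributes("alice", COMPUTE_SP), "climate", "analyst"))
    print(authorize(release_attributes("bob", COMPUTE_SP), "climate"))
```

The last case worth noting is an SP that needs VO attributes but is only configured to receive the DN: the decision is deny, not because the user lacks the role but because the IdP never released it. That is the mapping problem in practice: the VO's attribute requirements and the IdP's release policy have to agree.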
Understanding what attributes are needed in the grid community is
essential. Many solutions may only require that the DN is passed over, for
example, so that accounting and logging of the resource usage for that
individual can be achieved; that is, no further attributes are needed to
make an authorization decision. Other, more prescriptive VOs may require
more information, such as VO membership, the role of the user, and so on.
The ability to map such attributes into a form that Shibboleth can make use
of is needed. Once such scenarios can be supported, more understanding of