Information Technology Reference
In-Depth Information
Fig. 12.2:
The VO Lifecycle
12.2.1.3 The Security Value-Adding Services
The Security value-adding services used in this experiment were developed by
the Trust & Security Theme of the BEinGRID project. This theme includes tech-
nical innovation that addresses areas where a perceived and actual lack of security
appears to inhabit commercial adoption of SOI technologies. It includes solutions
for brokering identities and entitlements across enterprises, managing access to
shared resources, analyzing and reacting to security events in a distributed infra-
structure, and securing multi-tenancy hosting. These innovations underpin solutions
offered in VOM and several other categories.
Out of the work done in this theme, four capabilities have been retained for use
in this experiment.
The first capability is a security token service (SOI-STS) which provides Identity
and Federation management: it allows, on the one hand, the management of the life-
cycle of circles of trust between providers, and therefore the life-cycle management
of federation of trust realms, and on the other hand, managing the life-cycle of iden-
tities and privileges of users and resources within such federations of trust realms.
The obvious benefits of offering these as network-hosted services that can be inte-
grated with application services through the VHE include:
• Facilitating the creation of communities of identity providers that enable iden-
tity brokerage and management by supporting open standards such as Liberty
Alliance, SAML and WS-Federation, and therefore giving rise to new means of
revenue generation. Indeed the SOI-STS can be exposed in the SaaS approach
and sold to external customers.
