Discussions on the Life Ray Portal and credential
- Slides: 13
Discussions on the Life Ray Portal and credential management David Groep, Oct 11 th, 2011
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 2
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 3
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 4
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 5
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 6
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 7
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 8
Separation of security functions David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 9
David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 10
EUGrid. PMA discussion · Separation of functions · thin portal: all credential management on dedicated box · may combine bridge, My. Proxy and Uploader on 1 box · Quality of Id. M is governed by MICS acceptability · i. e. must be of comparable Lo. A as TCS Personal · including eligibility requirements · Make sure superfluous keypairs are removed · only the proxy is needed, just like in the uploader case · remove MICS keypair when proxy generation completes · Portal security box acts like a UI to the user · only on explicit request of user & under user control · covered under PKP Guidelines – seems similar to the common ‘remote UI’ use case David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 11
Proliferation · Aim to have a limited number of credential management systems, for potentially many portals. But initially one for Italy · Leverage existing MICS CAs as far as possible · no new CA for each portal or portal instance · aim to leverage TERENA TCS e. Science Personal · but policy compatibility should still be understood · acceptability of portal instance comes down to CA, i. e. not revoking the certs · it is the MICS CA policy that must be satisfied · PMA only looks at CAs (not at the portals, please) David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 12
Next steps · Updated design white paper will reflect changes · Prototype will be developed and demonstrated at later date to appropriate PMAs · Roberto C (and TCS PMA ; -) to study compatibility with TCS Personal Should be a significant step towards better usability! David Groep – davidg@eugridpma. org TAGPMA 13 and OGF 32 – Jul 2011 - 13
- Speaking and listening: effective group discussions
- Terminal ray definition
- Ray casting algorithm
- Classroom discussions in math
- 5 practices for orchestrating productive math discussions
- Ray model of light
- Credential guard and keyguard
- Pdis credential levels
- Cdos credential
- France grading system
- Tier 2 vocabulary
- Windows credential editor wce
- Micro enterprise credential exam
- Login problem in eway bill