Fermilab Computing Division

CS Document 3918-v1

Adoption of a SAML-XACML Profile for Authorization Interoperability across Grid Middleware in OSG and EGEE

Document #:
CS-doc-3918-v1
Document type:
Presentation
Submitted by:
Gabriele Garzoglio
Updated by:
Gabriele Garzoglio
Document Created:
17 May 2010, 14:00
Contents Revised:
31 Jan 2011, 15:45
Metadata Revised:
31 Jan 2011, 15:45
Viewable by:
  • Public document
Modifiable by:

Quick Links:
Latest Version

Abstract:
The Authorization Interoperability activity was initiated in 2006 to foster interoperability between middleware and authorization infrastructures deployed in the Open Science Grid (OSG) and the Enabling Grids for E-sciencE (EGEE) projects. This activity delivered a common authorization protocol and a set of libraries that implement that protocol. In addition, a set of the most common Grid gateways, or Policy Enforcement Points (Globus Toolkit v4 Gatekeeper, GridFTP, dCache, etc.) and site authorization services, or Policy Decision Points (LCAS/LCMAPS, SCAS, GUMS, etc.) have been integrated with these libraries.

At this time, various software providers, including the Globus Toolkit v5, BeStMan, and the Site AuthoriZation service (SAZ), are integrating the authorization interoperability protocol with their products. In addition, as more and more software supports the same protocol, the community is converging on LCMAPS as a common module for identity attribute parsing and authorization call-out. This paper presents this effort, discusses the status of adoption of the common protocol and projects the community work on authorization in the near future.

Associated with Events:
CHEP 2010 held from 18 Oct 2010 to 22 Oct 2010 in Taipei, Taiwan
DocDB Home ]  [ Search ] [ Authors ] [ Events ] [ Topics ]

DocDB Version 8.8.9, contact Document Database Administrators