Changes between Version 4 and Version 5 of MashMyData


Ignore:
Timestamp:
05/07/10 13:45:07 (9 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • MashMyData

    v4 v5  
    1717 1. [http://www.ietf.org/rfc/rfc3820.txt Proxy certificates]: There are different ways of implementing this: 
    1818   i. [wiki:MashMyData/MyProxy MyProxy Based]: use [http://grid.ncsa.illinois.edu/myproxy/ MyProxy] as a credential store.  The portal uploads a user credential to (a) !MyProxy server(s) which services can access on the users behalf and use to obtain delegated user credentials in order to access other secured services.  - Service A, is trusted by the !MyProxy server C.  Before accessing service B, it requests a delegated user credential from C.  It uses the user credential to access service B. 
    19    i. Without !MyProxy: the principle of services obtaining delegated credentials remains the same but there is no !MyProxy server to acts as a broker of user credentials.  The [IVOA Credential Delegation Model http://www.ivoa.net/Documents/CredentialDelegation/] provides an elegant RESTful interface for brokering proxy credentials between services in a workflow. 
     19   i. Without !MyProxy: the principle of services obtaining delegated credentials remains the same but there is no !MyProxy server to acts as a broker of user credentials.  The [http://www.ivoa.net/Documents/CredentialDelegation/ IVOA Credential Delegation Model] provides an elegant RESTful interface for brokering proxy credentials between services in a workflow. 
    2020   * '''Pros''': Well tried and tested solution in the Grid community, enables integration with other Grids.  ESG Security already supports PKI based authentication, but ... 
    2121   * '''Cons''':