Changes between Version 5 and Version 6 of MashMyData
- Timestamp:
- 05/07/10 13:46:25 (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
MashMyData
v5 v6 18 18 i. [wiki:MashMyData/MyProxy MyProxy Based]: use [http://grid.ncsa.illinois.edu/myproxy/ MyProxy] as a credential store. The portal uploads a user credential to (a) !MyProxy server(s) which services can access on the users behalf and use to obtain delegated user credentials in order to access other secured services. - Service A, is trusted by the !MyProxy server C. Before accessing service B, it requests a delegated user credential from C. It uses the user credential to access service B. 19 19 i. Without !MyProxy: the principle of services obtaining delegated credentials remains the same but there is no !MyProxy server to acts as a broker of user credentials. The [http://www.ivoa.net/Documents/CredentialDelegation/ IVOA Credential Delegation Model] provides an elegant RESTful interface for brokering proxy credentials between services in a workflow. 20 * '''Pros''': Well tried and tested solution in the Grid community, enables integration with other Grids. ESG Security already supports PKI based authentication, but ... 20 * '''Pros''': 21 a. Well tried and tested solution in the Grid community, enables integration with other Grids e.g. Climate-G. 22 a. ESG Security already supports PKI based authentication and hosts !MyProxy based services, but ... 21 23 * '''Cons''': 22 24 a. Currently no ESG Java implementation to support authentication using proxy certificates. A filter would need to be implemented. CEDA's Python implementation ''does'' already support proxy certificates.