Changes between Version 5 and Version 6 of MashMyData


Ignore:
Timestamp:
05/07/10 13:46:25 (10 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • MashMyData

    v5 v6  
    1818   i. [wiki:MashMyData/MyProxy MyProxy Based]: use [http://grid.ncsa.illinois.edu/myproxy/ MyProxy] as a credential store.  The portal uploads a user credential to (a) !MyProxy server(s) which services can access on the users behalf and use to obtain delegated user credentials in order to access other secured services.  - Service A, is trusted by the !MyProxy server C.  Before accessing service B, it requests a delegated user credential from C.  It uses the user credential to access service B. 
    1919   i. Without !MyProxy: the principle of services obtaining delegated credentials remains the same but there is no !MyProxy server to acts as a broker of user credentials.  The [http://www.ivoa.net/Documents/CredentialDelegation/ IVOA Credential Delegation Model] provides an elegant RESTful interface for brokering proxy credentials between services in a workflow. 
    20    * '''Pros''': Well tried and tested solution in the Grid community, enables integration with other Grids.  ESG Security already supports PKI based authentication, but ... 
     20   * '''Pros''':  
     21    a. Well tried and tested solution in the Grid community, enables integration with other Grids e.g. Climate-G. 
     22    a. ESG Security already supports PKI based authentication and hosts !MyProxy based services, but ... 
    2123   * '''Cons''':  
    2224    a. Currently no ESG Java implementation to support authentication using proxy certificates.  A filter would need to be implemented.  CEDA's Python implementation ''does'' already support proxy certificates.