= NDG Security = NERC !DataGrid Security is both an architecture and implementation for federated identity management and access control. It was first developed for the NERC !DataGrid and has been extended to support the Earth System Grid Federation under development to support secure access to the federated data archive for CMIP5 (The Coupled Model Intercomparison Project). [[PageOutline]] == Projects == * [wiki:ESGF ESGF]: Federated Access control infrastructure for the Earth System Grid Federation, includes architectural overview * [wiki:MashMyData MashMyData]: a NERC funded demonstrator project to create a portal environment for users to combine their data with datasets from distributed sources. It will trial access control with multihop delegation in a workflow. * [wiki:NDG3 NERC DataGrid 3 Project Activities] * [wiki:TI12_Security Old Project home pages] == Development Activities == === `ndg_security` Python Packages === * [wiki:ndg_security ndg_security]: background information, installation and configuration details for the Python code base for NDG Security. It uses the `ndg_saml`, `ndg_xacml` and `MyProxyClient` packages. === `ndg_saml` === * [wiki:SAML2.0 ndg_saml]: The Python SAML 2.0 implementation developed for NDG Security and the Earth System Grid Federation === `ndg_xacml` === * [wiki:XACML ndg_xacml]: Python implementation of XACML, eXtensible Access Control Markup Language developed for CEDA (Centre for Environmental Data Archival). === netCDF C API Extension for SSL based authentication with OPeNDAP === * [wiki:netCDF-ESGSecurityExtension netCDF C API Extension]: modifications to the netCDF API for the Earth System Grid Federation to enable PKI based authentication. === MyProxyClient === * [wiki:MyProxyClient MyProxyClient]: Python implementation of the client interface to the !MyProxy Credential Management Service === MyProxyWebService === * [wiki:MyProxyWebService MyProxyWebService]: a Python WSGI application which presents a HTTPS interface to the !MyProxy Credential Management Service logon and get trust roots operations.