Introduction
People
Agenda
- Wei Jie presentation on authentication/authorisation service for the e-Infrastructure
- Opportunity for everyone to offer feedback and help with use cases.
- This should be of particular interest to those involved in work for the e-Infrastructure that have security requirements.
Documentation
- Links to Portal Resources
- ...
Notes
- I had problems connecting, but the problems were more at the server end it seems. I tried unicast and multicast and probably should have tried a bridge, but didn't. For detials see the following:
- Wei presented and Junaid and I joined the meeting from my office and we tried to catch up.
- In the feedback session:
- I pointed to Junaid's MSc thesis which I had uploaded on Tuesday.
- Wei said he had already read it.
- Junaid made some points along the following lines:
- One of the problems we are facing in MoSeS is the confidential nature of the data and that Security of the data itself did not seem to be being addressed.
- In Junaid's MSc Thesis he advocated integrating PERMIS and Shibboleth.
- GridShib and ShibGrid are projects integrating Shibboleth and Globus.
- OGSA-DAI is part of Globus which is built on GSI built on PKI with inherent limitations.
- Wei is to meet with MoSeS (Junaid, Paul Townend, Andy) to talk about Security:
- Junaid strongly encouraged collaboration.
- This could be part of the same meeting as when Rob Allan and Xiaobo Yang come to Leeds.
- It has been suggested that a date in early December would be good, but this is yet to be arranged.
- I lost connection towards the end of the meeting.
- After the meeting Junaid and I had a chat:
- It would have been good to catch up before this meeting so that I could brief Junaid about the meeting on Tuesday.
- Junaid does not yet have access to the NCeSS e-IP Worksite on the portal.
- Andy is to sort this out.
- Junaid still does not have a web home page:
- Paul is to sort this out.
- Junaid has talked to Paul and plans to investigate whether SRB is an alternative to OGSA-DAI.
- We know SRB is a virtual file system, but is it more and what does it have in terms of security?
- Slide 22 is vague and there is a contrary typo.
- In terms of MoSeS work, Junaid is of the opinion that moving from Gridsphere to Sakai is not a security problem.
- That is prinicpally right because both are based on tomcat, however:
- Sakai requires a dedicated tomcat instance and Shibboleth and PERMIS tie tomcat to apache.
- The potential issues being multiple apache webservers on the same resource.
- This might be a Red Herring, but Junaid is going to look into it.
Action List
- Andy Turner
- Arrange meeting in Leeds with Xiaobo Yang, Rob Allan, Wei Jie, Junaid Arshad, Paul Townend and possibly others.
- Get Junaid Arshad added to the ESRC e-IP Worksite on the NceSS Portal.
References
![[Validate XHTML 1.0]](http://www.geog.leeds.ac.uk/people/a.turner/images/valid-xhtml10.png "W3C XHTML 1.0 Validation")
![[Validate CSS]](http://www.geog.leeds.ac.uk/people/a.turner/images/vcss.gif "W3C CSS Validation")
![[An image of Andy Turner]](http://www.geog.leeds.ac.uk/people/a.turner/a.turner.png)