r13 - 19 Jan 2005 - 17:25:00 - NickSharmanYou are here: myGrid wiki > 
Mygrid Web > WorkInProgress > SecurityArchitecture
Mygrid Web > WorkInProgress > SecurityArchitecturemyGrid security architecture
In designing the myGrid security architecture, a 5 stage process generally used in the security engineering process is adopted. 1. Primary purpose and goals of the project 2. High-level security requirements 3. Identifying risks and the cost of compromise 4. Selection of security technologies on the basis of a cost benefit analysis 5. Definition of operational responsibilities: development, maintenance and response. Stage 1 and 2 have been completed through the use of a questionnaire that was distributed to all leaders of the various work packages as well the industrial partners in order to illicit a response with regards to the high level requirements. The responses have been tabulated and a short summary of them has been completed. Corresponding to stage 3 of the security engineering process, a second questionnaire which focuses on asset based security risk assessment has been distributed as a follow-up to the first questionnaire, and the responses are also short summarized. We are now in the midst of refining a security policy that will involve selection of the appropriate security software technologies for the eventual operational implementation. -- VictorTan - 05 Aug 2004Basic Web Service Security
For use within the life of the project we will adopt the simple-minded approach described in StopgapSignon. This provides only a minimum of protection while a more principled architecture is developed. -- NickSharman - 19 Jan 2004 IBM has a good article on how to implement very basic security using Tomcat and Axis. http://www-106.ibm.com/developerworks/webservices/library/ws-sec1.html -- ChrisWroe - 08 Jun 2004 Guideline for authenticating Web Service clients using HTTP Basic Authorization over SSL for services deployed in Tomcat/Axis. Example of using JAAS to perform authentication and authorization on a Java application. This example uses username/encrypted password. Guideline to deploying a standard Axis service in the OMII distribution so that it can use the WS-Security facility of OMII to verify signatures and obtain X500 distinguished names. Guideline to creating a client that can make signed SOAP invocations to a standard Axis service that is deployed in the OMII distribution using the WS-Security facility.Security requirements
See SecurityArchitectureNotes. -- NickSharman - 14 Dec 2004
Show attachments
Hide attachments
| I | Attachment | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|
 doc | OMIISecureClient.doc | manage | 44.0 K | 24 Jul 2006 - 09:40 | VictorTan | Guide to creating a secure OMII client |
| doc | summary.doc | manage | 291.5 K | 24 Jul 2006 - 09:40 | VictorTan | Summary of response for high-level requirements |
| doc | originalsecurity.doc | manage | 107.0 K | 24 Jul 2006 - 09:40 | VictorTan | High level requirements questionnaire |
| doc | OMIIsecureguide.doc | manage | 39.5 K | 24 Jul 2006 - 09:40 | VictorTan | Guide to deploying a secure OMII service |
| doc | secondsummary.doc | manage | 160.0 K | 24 Jul 2006 - 09:40 | VictorTan | Summary of response for risk assessment |
| doc | tabulate.doc | manage | 333.0 K | 24 Jul 2006 - 09:40 | VictorTan | Compiled response for high level requirements |
| doc | riskassesssecurity.doc | manage | 137.0 K | 24 Jul 2006 - 09:40 | VictorTan | Risk assessment questionnaire |
| doc | initialsecuritypolicy.doc | manage | 42.0 K | 24 Jul 2006 - 09:40 | VictorTan | Initial security policy draft |
 jar | example.jar | manage | 35.8 K | 24 Jul 2006 - 09:40 | VictorTan | JAAS authorization example |
| doc | myGridSSLv2.doc | manage | 53.0 K | 24 Jul 2006 - 09:40 | VictorTan | Guideline for HTTP Auth over SSL |
Log In
Mygrid Web
Users
Groups
Index
Search
Changes
Notifications
Statistics
Preferences
Bioinformatics
amateur clips
amateur movies
amateur videos
anal clips
anal movies
anal videos
asian clips
asian movies
asian videos
fat bbw clips
fat bbw movies
fat bbw videos
black ebony clips
black ebony movies
black ebony videos
fuck clips
fuck movies
fuck videos
latina clips
latina movies
latina videos
lesbian clips
lesbian movies
lesbian videos
milf clips
milf movies
milf videos
shemale clips
shemale movies
shemale videos
teen clips
teen movies
teen videos
big tits clips
big tits movies
big tits videos
blowjob clips
blowjob movies
blowjob videos
group ogry clips
group ogry movies
group ogry videos
interracial clips
interracial movies
interracial videos
amateur movies
amateur videos
anal clips
anal movies
anal videos
asian clips
asian movies
asian videos
fat bbw clips
fat bbw movies
fat bbw videos
black ebony clips
black ebony movies
black ebony videos
fuck clips
fuck movies
fuck videos
latina clips
latina movies
latina videos
lesbian clips
lesbian movies
lesbian videos
milf clips
milf movies
milf videos
shemale clips
shemale movies
shemale videos
teen clips
teen movies
teen videos
big tits clips
big tits movies
big tits videos
blowjob clips
blowjob movies
blowjob videos
group ogry clips
group ogry movies
group ogry videos
interracial clips
interracial movies
interracial videos
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding myGrid wiki? Send feedback