50 likes | 182 Views
Update JRA1 Security Work. C.Witzig / J.White. Content. Update on Joint work between MWSG and OSCT Security coordination work after latest EGEE-OSG coordination meeting Update on authorization work Purpose: Give a short update on current security work within JRA1
E N D
Update JRA1 Security Work C.Witzig / J.White
Content • Update on • Joint work between MWSG and OSCT • Security coordination work after latest EGEE-OSG coordination meeting • Update on authorization work • Purpose: • Give a short update on current security work within JRA1 • For purely informational purpose To change: View -> Header and Footer
Joint Work MSWG - OSCT • Follow up on CSRF • As pointed out by OSCT • 2nd iteration now - to be reported in ≈ 1 month • Documentation on “how to ban users” • Template from OSCT • To be filled by JRA1 • Tools for traceability needed (from OSCT) To change: View -> Header and Footer
EGEE-OSG Coordination Meeting • Discussed need for common security related command line toolbox • In line with recommendation #3 from authZ study (see https://edms.cern.ch/document/887174/1) • Discussed command line tools for • Checking credentials • Find out how credentials are being mapped (proxy w/ VOMS AC --> uid, gid) • Banning tool • etc • Internal draft exists, to be distributed by the end of this week to • JRA1 developers for feedback on feasibility and work involved • Site administrators for feedback on usefulness and requirements To change: View -> Header and Footer
Follow-up on authZ Study • Need to finalize work plan for implementing • Pattern matching rules • LCAS/LCMAPS modification (“most significant match”) • And corresponding change in WMS • Design on new authZ service on-going • With current focus on PAP-PDP • With EES somewhat on the back burner • Draft available in early July To change: View -> Header and Footer