Site Acces s Control work Security Infrastructure and Authorization PGs

1. Site Access Control workSecurity Infrastructure and Authorization PGs David Groep, et al. Nikhef

2. Products ‘Site Access Control’ in Security and AuthZ Product Groups gLExec • Unix credential translation service • Today used in CREAM CE (once) and for MUPJs Argus EES • Execution Environment Service – everything site-local LCAS & LCMAPS • Supporting subsystems for many of the current services • Used in gLExec, SCAS, as a Argus front-end, for GK, GridFTP, and other services in progress or already there SCAS • Site Central Authorization Service • Built mainly for current deployment of gLExec for MUPJs gLExec and OS integration – JRA1 All Hands February 2008

3. Tasks until the end of EGEE-III gLExec (version 0.7, #10113, 2010-01-31) Releasing version for remaining ‘non-critical’** vulnerabilities • LCAS (version 1.3, #10114, 2010-01-31)Bug fixes, in support of gLExec • LCMAPS (version 1.4, #10115, 2010-01-31)Bug fixes, in support of gLExec • Log format changes for above as per open site requests/bugs Critical bug fixes to all currently supported products; such as the GT4 Authorization compatibility interface and SCAS gLExec and OS integration – JRA1 All Hands February 2008

4. More Security Infra: until the end Hydra MyProxy TrustManager gLExec and OS integration – JRA1 All Hands February 2008

5. Tasks until the end of EGEE-III Argus EES (initial release, #10120) • Enable site interaction for Argus • Home-on-AFS directory support, • uid/gidmapping for all major nsswitch/pam back-ends • scripting interface, • LRMS interface, • Allow (independent) extensions for VM/cloud interfaces • Needs finalization of interactions with PDP (tomorrow) gLExec and OS integration – JRA1 All Hands February 2008