AuthZ WG Home Documents: Framework Glossary Requirements Archive: GGF8 Minutes GGF8 Agenda Telco 2003-06-03 Telco 2003-05-27 Telco 2003-05-20 GGF7 #1 - GGF7 #2 GGF7 Agenda Telco 2003-02-26 Telco 2003-02-19 Telco 2003-02-12 Telco 2003-02-07 BOF Agenda BOF Minutes BOF Handout Related Efforts Current users: guest (web) guest (web) guest (web) |
Telecon 2003-02-26, 11am - 11:30am ESTNotes by Jim Basney Attending:
Markus: Does everyone agree with terms or is everyone too busy? Consensus is that everyone is too busy. Agenda: 1. Consensus on what to do with document of terms 2. List of issues (discussion points) for GGF7 meeting The group has 2 90 minute meeting times at GGF7. General issues, glossary, and requirements summary document to be discussed in first meeting. Framework document to be discussed in second meeting. Markus likes Leon's terms and also likes Mary's suggestion of more intuitive terms. Use "initiator" and "target" ISO terms? ISO assumes a particular sequence model. Do the terms imply that model? Not everything is a service. Target may be a better term. Mary: What about resource? Is target the service provider or the resource? Access to resource is through some gateway program. Do we need to differentiate between resource and gateway? Leon's terms are network-oriented. Can they apply more generally to the Grid context? Service provider may be different entity than entity authoritative for resource. Example: Medical documents. Doctor provides access to records to insurance company. Files: file owner, disk/storage provider, file access service (gridftp) Gateway program doesn't provide policy; it enforces policy. Authorization Authority is too close to Attribute Authority. Should we use stakeholder instead? Or source of authority (SOA, from X.509 identity certificates)? Does it imply a single SOA? Authorization has a number of meanings. In ISO, access control information and authorization information. Other people may call it policy or privileges. Need to define what is passed around by entities in the framework. Mary likes access control and policy. Markus wants to avoid policy. Information is a higher-level term. AAA Arch research group identitied many different policies in the architecture. Can we find the old internet draft? Is policy an XML file, a legal document? Can be misinterpreted. Policy is more than just a single privilege. Privilege together with a site policy can determine an access policy (yes/no decision). Don't always need to pass policies around. Policies may be relatively stable. Policy is typically fetched when you try to evaluate a request. You pose an authorization request against a policy. Should we modify the documents for GGF7 discussion? Could include alternatives for terms in the document. Can't change the online version of the document anymore. Markus will post drafts online. Need to discuss terms at GGF. Put them in the glossary. Krishna will propose a discussion outline for framework document. Requirements document isn't ready? Hope to get requirements from participants in GGF meeting. Can we meet socially before the official sessions in Tokyo? Will be announced on mailing list. See you in Tokyo! |
| /public/users/mlorch/Grid-AuthZ/Telecon Minutes 2003-02-26 | Login | Web Editor | Full Editor |
| Last modified 2/26/03 12:12 PM by mlorch (history) Site contents | |