Presentation at TF-aace workshop in

Slides:



Advertisements
Similar presentations
Authentication Authorization Accounting and Auditing
Advertisements

--- IT Acumens. COMIT Acumens. COM SNMP Project. AIM The aim of our project is to monitor and manage the performance of a network. The aim of our project.
Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
Internet Peer-to-Peer Application Infrastructure Darren New Invisible Worlds, Inc.
Central Authentication Service Roadmap JA-SIG Winter 2004.
KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.
CSE300-1 Profs. Steven A. Demurjian Q. Jin, J. Nam, Z. Qian and C. Phillips Computer Science & Engineering Department 191 Auditorium Road, Box U-155 The.
MyProxy: A Multi-Purpose Grid Authentication Service
Privilege Management and Spocp Presentation at Advance CAMP Authority Architecture – Broomfield, Colorado July 2, 2004 by Roland Hedberg.
SEVA: Securing Extranets Yves ROUDIER, Refik MOLVA Institut Eurécom
Technical Architectures
V.S. Subrahmanian University of Maryland 1 IMPACT: Future Directions (years 3 and 4)
UPortal.Cornell Using uPortal to integrate disparate campus systems Jon Atherton, Cornell Information Technologies
Chris Shuster 4/29/2009 1Chris Shuster.  Application Servers ◦ Backend processing platform. ◦ Multiple platforms, operating system and architecture.
Virtual Observatory Single Sign-on U.S. National Virtual Observatory National Center for Supercomputing Applications Ray Plante, Bill Baker.
Web programming for project students Dr Jim Briggs.
SNMP & MIME Rizwan Rehman, CCS, DU. Basic tasks that fall under this category are: What is Network Management? Fault Management Dealing with problems.
Session-01. What is a Servlet? Servlet can be described in many ways, depending on the context: 1.Servlet is a technology i.e. used to create web application.
TOPIC 1 – SERVER SIDE APPLICATIONS IFS 234 – SERVER SIDE APPLICATION DEVELOPMENT.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
Web Application Architecture and Communication. Displaying a Web page in a Browser
SWITCHaai Team Introduction to Shibboleth.
Chapter 4 Legacy Systems Integration (Integration between the L.S. and the Web)
August 20, 2003 Slide 1 A Middleware Service for Policy Based Authorization Presentation at Nordunet 2003 by Roland Hedberg.
UNIT Enheten för IT-stöd What is going on in: Sweden Joakim Björklund Director of IT services division Linköpings universitet
GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.
Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated.
10/25/20151 Single Sign-On Web Service Supervisors: Viktor Kulikov Alexander Sherman Liana Lipstov Pavel Bilenko.
UHD::3320::CH121 DESIGN PHASE Chapter 12. UHD::3320::CH122 Design Phase Two Aspects –Actions which operate on data –Data on which actions operate Two.
World Domination in AuthN space Starting in the Netherlands… TF-AACE workshop, Malaga, November 2003 Ton Verschuren SURFnet.
SPOCP – general authorisation server Presentation at TF-aace meeting in Stockholm 26 nov 2002 Roland Hedberg.
JISC Middleware Security Workshop 20/10/05© 2005 University of Kent.1 The PERMIS Authorisation Infrastructure David Chadwick
1 MSCS 237 Overview of web technologies (A specific type of distributed systems)
© 2004 OPNET Technologies, Inc. All rights reserved. OPNET and OPNET product names are trademarks of OPNET Technologies, Inc. ARMing Apache David Carter.
Case Study Dynamic Website - Three Tier Architecture
Web Services Tiered Internet Authorization (WSTIERIA) 21 June 2011 Fiona Culloch
Final Class Diagram for C++ Implementation Clickermatic Software Clicker.
Saving State on the WWW. The Issue  Connections on the WWW are stateless  Every time a link is followed is like the first time to the server — it has.
Data Objects and Message Types 49 th IETF AAAarch Research Group David Spence Interlink Networks.
Authorization GGF-6 Grid Authorization Concepts Proposed work item of Authorization WG Chicago, IL - Oct 15 th 2002 Leon Gommans Advanced Internet.
Module 13: Enterprise PKI Active Directory Certificate Services (AD CS)
What are our conclusions? What is the take-home work?
INTRODUCTION Firewall is a concept which blocks unwanted traffic and passes desirable traffic to and from both sides of the network.
Basics of JDBC Session 14.
Security Middleware 3 June 2004 Security Middleware Current Status – GridSite deployments – Architecture GridPP2 – Web services.
PAPI-PERMIS Integration Project Proposal David Chadwick
INFSO-RI Enabling Grids for E-sciencE Web Services Mike Mineter National e-Science Centre, Edinburgh.
(ITI310) By Eng. BASSEM ALSAID SESSIONS 10: Internet Information Services (IIS)
1 PHP Intro PHP Introduction After this lecture, you should be able to: Know the fundamental concepts of Web Scripting Languages in general, PHP in particular.
Ákos FROHNER – DataGrid Security n° 1 Security Group TODO
Final Fantasy ½: IOC Overview Team Q CSE 403 Winter ‘03 I’ve got something special for you.
MyUWO Portal Updates By: Emily Al Bulushi Richard Sheppard Steven Beshensky.
Homework 5 DNS 、 HTTPD 、 SNMP. Requirements One dedicated domain name for yourself Setup DNS server with following records  SOA, NS, MX  Make them reasonable.
A Presentation Presentation On JSP On JSP & Online Shopping Cart Online Shopping Cart.
A service Oriented Architecture & Web Service Technology.
Owen McShane Northgrid systems manager Christmas talk Dec 2006.
Some basics of a AAA Control model
Integration of and Third-Generation Wireless Data Networks
Punching data to the authentication server
Java Distributed Computing
Some bits on how it works
Power BI Security Best Practices
PHP / MySQL Introduction
Migrating Oracle Forms Using Oracle Application Express
MEAN stack L. Grewe.
O. Otenko PERMIS Project Salford University © 2002
Internet Protocols IP: Internet Protocol
Groups and Permissions
GNOMIS – the northern light TF-AACE, Ingrid Melve, UNINETT
Zero Touch Provisioning for NETCONF/RESTCONF Call Home draft-ietf-netconf-zerotouch-19 NETCONF WG IETF 100 (Singapore)
Presentation transcript:

Presentation at TF-aace workshop in Spocp update Presentation at TF-aace workshop in Malaga 2003-11-20 by Roland Hedberg roland@it.su.se

For those who hasn't heard about Spocp before Spocp is a generalised rule based authorisation service Spocp is based on a simple but very powerful policy language ( S-expressions ) Through backends Spocp can use external resources during its rule evaluation. Spocp is built to support network based applications Can be used in pull, agent or push sequence AA

To be a Standard or not What defines an open standard ? Presently not a 'standard' by any definition Will probably be placed on the IETF standards track

So what has happened on the software horizon since last ? Slight changes to the protocol Server changes Backends as dynamic modules Backends can return dynamic 'blobs' 'blobs' can be Mime typed C, Java and Perl client libraries A couple of new backends Cert, sql, regexp, system, spocp Multiple 'server' implementations REBOL (only sketched ) Java

Deployment Karolinska Institutet,Stockholm Stockholms Universitet Identity and role management systems uPortal Stockholms Universitet Apache and uPortal ssh/rsh Umeå Universitet Apache Delegation chains RIPE

Tickets S-expressions passed around in kerberos tickets Spocp tickets Give your friend one Buy one at the shop around the corner

The project Website: http://www.spocp.org Mailing list: discuss@spocp.org CVS: soon Building a lasting organization

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.