Presentation is loading. Please wait.

Presentation is loading. Please wait.

EGEE is a project funded by the European Union under contract IST-2003-508833 Global Security Architecture Olle Mulmo Chief Security Architect Cork, 6/26/2016.

Published byDominick Bates Modified over 8 years ago

Similar presentations

Presentation on theme: "EGEE is a project funded by the European Union under contract IST-2003-508833 Global Security Architecture Olle Mulmo Chief Security Architect Cork, 6/26/2016."— Presentation transcript:

1 EGEE is a project funded by the European Union under contract IST-2003-508833 Global Security Architecture Olle Mulmo Chief Security Architect Cork, 6/26/2016 www.eu-egee.org

2 Cork, 2004-04-15 - 2 What’s a security architecture? A proposed set of features/services that tackles a set of requirements and can handle a set of use cases … and a roadmap on how to achieve it  A 6-month view  A 2-year view A living document and continuous discussion & evolvement  Snapshots as deliverables Sept 04, July 05  Assessment deliverable Mar 06

3 Cork, 2004-04-15 - 3 How do we do this? Security and “Architecture” Groups play a vital role Don’t plan for any major development Operational issues are important Bootstrap with a workshop  A suitable date should be picked at the JRA1/JRA3/SA1 session  Get priorities straightened out

4 Cork, 2004-04-15 - 4 Open issues Who to prioritize  Operations vs. users vs. applications  When is a requirement really a requirement? What to prioritize  What’s protected to what cost?  Performance penalty vs.System integrity Accounting  Do we have a mandate w.r.t. “quota enforcement” issues?

5 Cork, 2004-04-15 - 5 We don’t start from square one (OGSA-Sec)

6 Cork, 2004-04-15 - 6 We don’t start from square one (EDG and LCG Sec)

7 Cork, 2004-04-15 - 7 The Grand Picture

8 Cork, 2004-04-15 - 8 Fact: We can’t do anything fancy Requirements on functionality Authentication Access control Credential mgmt Delegation Audit … Existing capabilities EUGridPMA X.509 Proxy Certs MyProxy VOMS GSI Paradigm Shift (SOA) Other work already underway (LCG, OGSA,…)

9 Cork, 2004-04-15 - 9 Architecture Roadmap – 6-month view Fact: Those 6 months are actually 2 at the most! No choice: “duct-tape” solutions  … as current technology, standards and licensing issues fail us  Interoperability problems  Migration path problems Example: Delegation  G-HTTPS? HTTPG? GSI-SecureConversation?  Quick hack?

10 Cork, 2004-04-15 - 10 Architecture Roadmap – 2-year wish list Unified configuration and logging formats Input from work on threat models and security reviews  Flooding attacks, disillusioned users, …  Ban use of ~/.globus/userkey.pem PKI hierarchies, online revocation information services  EUGridPMA going global Move towards OGSA-Sec / WS-Sec compliance  Whatever is there and stable, we should use  Collaboration with other projects, GGF etc.

Download ppt "EGEE is a project funded by the European Union under contract IST-2003-508833 Global Security Architecture Olle Mulmo Chief Security Architect Cork, 6/26/2016."

Similar presentations

MyProxy Jim Basney Senior Research Scientist NCSA

MyProxy Jim Basney Senior Research Scientist NCSA
1 ALICE Grid Status David Evans The University of Birmingham GridPP 14 th Collaboration Meeting Birmingham 6-7 Sept 2005.

1 ALICE Grid Status David Evans The University of Birmingham GridPP 14 th Collaboration Meeting Birmingham 6-7 Sept 2005.
24-May-01D.P.Kelsey, GridPP WG E: Security1 GridPP Work Group E Security Development David Kelsey CLRC/RAL, UK

24-May-01D.P.Kelsey, GridPP WG E: Security1 GridPP Work Group E Security Development David Kelsey CLRC/RAL, UK
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Security (JRA3) Åke Edlund, JRA3 Manager, KTH David Groep, EUGridPMA chair, NIKHEF EGEE 1.

INFSO-RI Enabling Grids for E-sciencE Security (JRA3) Åke Edlund, JRA3 Manager, KTH David Groep, EUGridPMA chair, NIKHEF EGEE 1.
The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.

The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
EInfrastructure policies 15-16 April 2004, Dublin Next steps and conclusions Brian Coghlan Patrick Aerts Kyriakos Baxevanidis.

EInfrastructure policies April 2004, Dublin Next steps and conclusions Brian Coghlan Patrick Aerts Kyriakos Baxevanidis.
Reporter Training APRIL 2015 1. Campus Labs Compliance Assist is a fully integrated and comprehensive online solution for managing institutional research,

Reporter Training APRIL Campus Labs Compliance Assist is a fully integrated and comprehensive online solution for managing institutional research,
EGEE Security Area 13 May 2004 EGEE Security Area Stakeholders JRA3 middleware Architecture What we have for Unix and Java What.

EGEE Security Area 13 May 2004 EGEE Security Area Stakeholders JRA3 middleware Architecture What we have for Unix and Java What.
RomeWorkshop on eInfrastructures 9 December 2003 - 1 LCG Progress on Policies & Coming Challenges Ian Bird IT Division, CERN LCG and EGEE Rome 9 December.

RomeWorkshop on eInfrastructures 9 December LCG Progress on Policies & Coming Challenges Ian Bird IT Division, CERN LCG and EGEE Rome 9 December.
EGEE is a project funded by the European Union under contract IST-2003-508833 JRA4 Execution Plan and Brainstorming Javier Orellana JRA4 Coordinator EGEE.

EGEE is a project funded by the European Union under contract IST JRA4 Execution Plan and Brainstorming Javier Orellana JRA4 Coordinator EGEE.
EGEE is a project funded by the European Union under contract IST-2003-508833 JRA1 Testing Activity: Status and Plans Leanne Guy EGEE Middleware Testing.

EGEE is a project funded by the European Union under contract IST JRA1 Testing Activity: Status and Plans Leanne Guy EGEE Middleware Testing.
1 TAPAS Workshop Nicola Mezzetti - TAPAS Workshop 2002 - Bologna Achieving Security and Privacy on the Grid Nicola Mezzetti.

1 TAPAS Workshop Nicola Mezzetti - TAPAS Workshop Bologna Achieving Security and Privacy on the Grid Nicola Mezzetti.
12-May-03D.P.Kelsey, SCG Online Authentication1 Online Authentication SCG Meeting EDG Barcelona, 12 May 2003 David Kelsey CCLRC/RAL, UK

12-May-03D.P.Kelsey, SCG Online Authentication1 Online Authentication SCG Meeting EDG Barcelona, 12 May 2003 David Kelsey CCLRC/RAL, UK
Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.

Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.
EGEE is a project funded by the European Union under contract IST-2003-508833 Testing processes Leanne Guy Testing activity manager JRA1 All hands meeting,

EGEE is a project funded by the European Union under contract IST Testing processes Leanne Guy Testing activity manager JRA1 All hands meeting,
May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,
Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.

Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.

Similar presentations

Ads by Google