Presentation is loading. Please wait.

Presentation is loading. Please wait.

DAME Collaborative Workflow & Access Control Duncan Russell University of Leeds.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "DAME Collaborative Workflow & Access Control Duncan Russell University of Leeds."— Presentation transcript:

1 DAME Collaborative Workflow & Access Control Duncan Russell University of Leeds

2 Distributed Aircraft Maintenance Environment - DAME Collaborative Workflow Business process –Involving different people/resources –Across different organisations Task based problem solving –Collaboration of Skills Expertise

3 Distributed Aircraft Maintenance Environment - DAME DAME Example Business process for diagnosing vibration data across three roles: –Maintenance Engineer –Maintenance Analyst –Domain Expert

4 Distributed Aircraft Maintenance Environment - DAME DAME Virtual Organisation

5 Distributed Aircraft Maintenance Environment - DAME DAME Access Control Restrict access to sensitive services and data Provide accountability for actions and visibility of permissions Must scale to multiples of: –Users/VOs –Portals –Workflows and Services Decouple decision and enforcement Existing solutions too static (CAS, VOMS, PERMIS, Akenti)

6 Distributed Aircraft Maintenance Environment - DAME Cardea Access Control Lepro, R, 2003, Cardea: Dynamic Access Control in Distributed Systems, NAS Technical Report NAS-03-020, NASA Advanced Supercomputing (NAS) Division

7 Distributed Aircraft Maintenance Environment - DAME DAME Access Control

8 Distributed Aircraft Maintenance Environment - DAME DAME Access Control Integrate access control into application interface Define who can control VO membership Self modifying service to update VO membership policies Workflow engine pass VO to service factories All VO service instances use VO policy

9 Distributed Aircraft Maintenance Environment - DAME Access Control Building Blocks SAML –Authorisation assertions XACML –Policy descriptions WS-Secure Conversation –From GSI Secure Conversation –Includes WS-Security – message token XML-Signature – message integrity XML-Encryption – message privacy

10 Distributed Aircraft Maintenance Environment - DAME Integration Into DAME Workflow manager –Control of VO membership Application interface Security/access control handlers in grid container Link to audit trail and Provenance System

11 Any Questions? DAME Collaborative Workflow & Access Control Duncan Russell University of Leeds

Download ppt "DAME Collaborative Workflow & Access Control Duncan Russell University of Leeds."

Similar presentations

LEAD Portal: a TeraGrid Gateway and Application Service Architecture Marcus Christie and Suresh Marru Indiana University LEAD Project (http://lead.ou.edu)

LEAD Portal: a TeraGrid Gateway and Application Service Architecture Marcus Christie and Suresh Marru Indiana University LEAD Project (
The Next Generation Grid Kostas Tserpes, NTUA Beijing, 22 of June 2005.

The Next Generation Grid Kostas Tserpes, NTUA Beijing, 22 of June 2005.
Working Group 3 – Grid C/W & VOs Glenn Gapper, Josep Vallés Sanchez, Boas Betzler, John Brooke & many others! Questions Posed: –What are VOs? –Services.

Working Group 3 – Grid C/W & VOs Glenn Gapper, Josep Vallés Sanchez, Boas Betzler, John Brooke & many others! Questions Posed: –What are VOs? –Services.
Business Plan and Outstanding Issues for Illinois Justice Network Portal IIJIS Technical Committee Meeting January 16, 2004.

Business Plan and Outstanding Issues for Illinois Justice Network Portal IIJIS Technical Committee Meeting January 16, 2004.
5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK

5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK
GT 4 Security Goals & Plans Sam Meder

GT 4 Security Goals & Plans Sam Meder
Research Councils ICT Conference Welcome Malcolm Atkinson Director www.nesc.ac.uk 17 th May 2004.

Research Councils ICT Conference Welcome Malcolm Atkinson Director 17 th May 2004.
VO Support and directions in OMII-UK Steven Newhouse, Director.

VO Support and directions in OMII-UK Steven Newhouse, Director.
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun. 2005 Ionut Constandache Daniel Olmedilla.

Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun Ionut Constandache Daniel Olmedilla.
Decision Support Tools CBR & Modeling Jeff Allan University of Sheffield.

Decision Support Tools CBR & Modeling Jeff Allan University of Sheffield.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.
The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.

The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.
TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-
Security NeSC Training Team International Summer School for Grid Computing, Vico Equense, 10 - 22.6.2005.

Security NeSC Training Team International Summer School for Grid Computing, Vico Equense,
Towards the Design and Implementation of the DAME prototype: OGSA Compliant Grid Services on the White Rose Grid Sarfraz A Nadeem University of Leeds.

Towards the Design and Implementation of the DAME prototype: OGSA Compliant Grid Services on the White Rose Grid Sarfraz A Nadeem University of Leeds.
CoLaB 22nd December 2005 Secure Access to Service-based Collaborative Workflow for DAME Duncan Russell Informatics Institute University of Leeds, UK.

CoLaB 22nd December 2005 Secure Access to Service-based Collaborative Workflow for DAME Duncan Russell Informatics Institute University of Leeds, UK.
Supporting further and higher education Authentication & Authorisation for JISC and UK e-Science Alan Robiette, JISC Development Group.

Supporting further and higher education Authentication & Authorisation for JISC and UK e-Science Alan Robiette, JISC Development Group.
Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz

Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz
A PERMIS-based Authorization Solution between Portlets and Back-end Web Services Hao Yin 1, Sofia Brenes-Barahona 2, Donald F. McMullen * 2, Marlon Pierce.

A PERMIS-based Authorization Solution between Portlets and Back-end Web Services Hao Yin 1, Sofia Brenes-Barahona 2, Donald F. McMullen * 2, Marlon Pierce.

Similar presentations

Ads by Google