OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] yet another SAML-based effort


On 7/11/06, Jeff Hodges <Jeff.Hodges@neustar.biz> wrote:
>
> Permis
> http://sec.cs.kent.ac.uk/permis/integrationProjects/SAML.shtml
>
> This is a SAML-assn-conveyed attribute-based authz system. I chatted just a bit
> with David Chadwick in the hall here at Montreal IETF about it. He says that in
> his world, "SAML is all the rage, and X>509-based attr certs are looked down upon."

Well, I wouldn't go quite that far :-)  Major grid deployments (EGEE,
OSG, etc.) are based on VOMS attribute certificates, and so VOMS isn't
going away any time soon.  What *is* all the rage is attribute-based
access control, and for those grid deployments that are new to this,
SAML-based attributes are very appealing given the fact that campuses
(which is where many grid users are located) are rooted in SAML (i.e.,
Shibboleth).

Now you understand my interest in the X.509 Attribute Sharing Profile
and other related work. ;-)  It lays the groundwork for SAML-based
attribute queries for grids.

Tom


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]