Subject: Generic Profiles
Dear List,

At yesterday's telecom we briefly discussed the WS-Trust, SAML and XACML profiles being developed by the TC. As part of the Open Grid Forum we have already developed and published a set of generic profiles that can be used by any distributed applications. Although initially developed for grid applications, there is nothing in them that is specific to grids, and we are using them in the TAS3 project (which is not a grid application). You might find these useful.

Details below

GFD.156 Functional Components of Grid Service Provider Authorisation Service Middleware
Abstract: This document describes the various components that make up the authorization decision function of a Grid service provider. It looks at the different ways in which the various components can be combined together, and data flows between the components. This document is for informational purposes only and is not intended to form a grid standard.
Available from http://www.ogf.org/documents/GFD.156.pdf

GFD.159 Use of XACML Request Context to Obtain an Authorisation Decision
D. Chadwick, L. Su, R. Laborde 2009-11-13
Abstract: The purpose of this document is to specify a protocol for accessing a Policy Decision Point (PDP) by a Grid Policy Enforcement Point (PEP) in order to obtain access control decisions containing obligations. The protocol is a profile of the SAML2.0 profile of XACMLv2 request/response contexts, tailored especially for grid use.
Available from http://www.ogf.org/documents/GFD.159.pdf

GFD.158 Use of SAML to retrieve Authorization Credentials
V. Venturi, T. Scavo, D. Chadwick 2009-11-13
Abstract: This document presents a specification for an authorization credential retrieval protocol based on the use of the Security Assertion Markup Language (SAML) and protocol as a format for requesting and retrieving attribute assertions.
Available from http://www.ogf.org/documents/GFD.158.pdf

GFD.157 Use of WS-TRUST and SAML to access a Credential Validation Service
D. Chadwick, L. Su 2009-11-13
Abstract: This document provides a protocol for an authorization component to access an external credential validation service (CVS) prior to calling a policy decision point (PDP). The protocol is a profile of a SAML attribute assertion carried by WS-Trust.
Available from http://www.ogf.org/documents/GFD.157.pdf

regards

David

*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
School of Computing, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5
*****************************************************************