|
Size: 3742
Comment:
|
Size: 5745
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 8: | Line 8: |
| 1. how could the access control you've implemented be subverted by e.g. a bad person, or by an expert trying to get round the system for their own convenience, or by a careless user? |
1. how could the access control you've implemented be subverted by e.g. a bad person, or by an expert trying to get round the system for their own convenience, or by a careless user? |
| Line 25: | Line 24: |
| * Micha Bayer (ROS: ''Grid/BLAST person and portlets, globus'') | * Micha Bayer * (ROS: ''Grid/BLAST person and portlets, globus'') * Micha: ''Please do bear in mind that I was only involved in this peripherally - I wrote the gridblast portlet and service which Jipu then continued to Shib-enable, so my knowledge of Shib is very limited indeed.'' |
| Line 35: | Line 36: |
| ||<-2 :> '''1. what did you find difficult?''' || || || || ||First draft evaluation of objectives || || ||Fri 7 April || || First draft user etc. evaluation || || ||''Mark on hols 6-17 April inclusive'' || ''Take a little time for Humbul'' || ||Tue 18 April ||Policy Evaluation feedback from other projects || || ||Fri 21 April ||Feedback to A on user etc. evaluation || || ||Fri 21 April || ||Feedback to M on Policy Management (and anything else) || || || ||'''All work drafted and ready'''|| ||WB 24 April ||''Full time on ESP-GRID'' ||''Full time on ESP-GRID'' || ||Tue 25 April || || First good draft of 'final' documents || || || || Plan for web site est. and move-over from wiki || |
||'''1. what did you find difficult?''' || || || || || Oluwafemi Ajayi || || || || Micha Bayer || || || || Jipu Jiang || || || || Anthony Stell || || || || John Watt || || ||'''2. what makes Shibboleth a good solution for accessing a service like Bridges or the DyVOSE data?''' || || || || || Oluwafemi Ajayi || || || || Micha Bayer || || || || Jipu Jiang || || || || Anthony Stell || || || || John Watt || || ||'''3. what issues can you see in a real-world production of this with 100s of users, maybe a commercial data provider, issues for the future etc.?''' || || || || || Oluwafemi Ajayi || || || || Micha Bayer || || || || Jipu Jiang || || || || Anthony Stell || || || || John Watt || || ||'''4. what scalability issues can you identify?''' || || || || || Oluwafemi Ajayi || || || || Micha Bayer || || || || Jipu Jiang || || || || Anthony Stell || || || || John Watt || || ||'''5. how could the access control you've implemented be subverted by e.g. a bad person, or by an expert trying to get round the system for their own convenience, or by a careless user?''' || || || || || Oluwafemi Ajayi || || || || Micha Bayer || || || || Jipu Jiang || || || || Anthony Stell || || || || John Watt || || |
| Line 47: | Line 67: |
| ||Fri 5 May || Establish web site || || ||Fri 12 May || Finish move-over of text and documents to permanent ESP-GRID web site. || || = Possible extended work plan = ||'''Date''' || '''Mark''' || '''Alun''' || ||Fri 19 May || Dep.t user eval. for e-Science (1st draft) || Dep.t user eval. for e-Science (1st draft) || ||Fri 26 May || Dep.t user eval. for e-Science finished forms and plans || Dep.t user eval. for e-Science finished forms and plans|| ||Mon 29 May || User requirements exercise begins || User requirements exercise begins || ||Fri 9 June || User requirements exercise ends || User requirements exercise ends || ||Mon 19 June || Analysis and write-up begins || Analysis and write-up ends || ||Mon 19 June || Analysis and write-up begins || Analysis and write-up ends || ||Fri 30 June ||<-2 :> '''Final report of requirements doc. to JISC'''|| |
Developer Evaluation
In February 2006 we asked the developers from the BRIDGES and DyVOSE projects to answer a few brief questions. Contact details confirmed at http://www.nesc.ac.uk/nesc/team.html with biographies. We asked the developers to considering specifically the Shibbolizing of the Bridges web portal and DyVOSE work, and all the myriad of steps which had to be completed to make this work (PERMIS, whatever), and asked them to please identify for us:
- what did you find difficult?
- what makes Shibboleth a good solution for accessing a service like Bridges or the DyVOSE data?
- what issues can you see in a real-world production of this with 100s of users, maybe a commercial data provider, issues for the future etc.?
- what scalability issues can you identify?
- how could the access control you've implemented be subverted by e.g. a bad person, or by an expert trying to get round the system for their own convenience, or by a careless user?
To spark some real-world flavour we used the "naively"-formed scenario:
To the developer: Scenario: Please imagine you've by chance met a manager of a faculty resource in the corridor, and he/she knows of your experience and naively thinks you're the person who can just Shibb their target - "This afternoon, if you've time?"
Responses Received
We are extremely grateful to the following for responding so promptly to our scenario:
- Oluwafemi Ajayi
- Micha Bayer
(ROS: Grid/BLAST person and portlets, globus)
Micha: Please do bear in mind that I was only involved in this peripherally - I wrote the gridblast portlet and service which Jipu then continued to Shib-enable, so my knowledge of Shib is very limited indeed.
- Jipu Jiang
- Anthony Stell
- John Watt
The results can be seen below.
Results
Question |
Developer |
Answer |
1. what did you find difficult? |
|
|
|
Oluwafemi Ajayi |
|
|
Micha Bayer |
|
|
Jipu Jiang |
|
|
Anthony Stell |
|
|
John Watt |
|
2. what makes Shibboleth a good solution for accessing a service like Bridges or the DyVOSE data? |
|
|
|
Oluwafemi Ajayi |
|
|
Micha Bayer |
|
|
Jipu Jiang |
|
|
Anthony Stell |
|
|
John Watt |
|
3. what issues can you see in a real-world production of this with 100s of users, maybe a commercial data provider, issues for the future etc.? |
|
|
|
Oluwafemi Ajayi |
|
|
Micha Bayer |
|
|
Jipu Jiang |
|
|
Anthony Stell |
|
|
John Watt |
|
4. what scalability issues can you identify? |
|
|
|
Oluwafemi Ajayi |
|
|
Micha Bayer |
|
|
Jipu Jiang |
|
|
Anthony Stell |
|
|
John Watt |
|
5. how could the access control you've implemented be subverted by e.g. a bad person, or by an expert trying to get round the system for their own convenience, or by a careless user? |
|
|
|
Oluwafemi Ajayi |
|
|
Micha Bayer |
|
|
Jipu Jiang |
|
|
Anthony Stell |
|
|
John Watt |
|
Mon 1 May |
Final doc.s to JISC |
|