|
Size: 1331
Comment:
|
Size: 3478
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 13: | Line 13: |
| ''Should this be "an 'ideal' grid" or "an idealised grid" or whatever?'' | |
| Line 18: | Line 19: |
| 1. Site Authentication Requirements (Terminology and definitions) 1. Site Authorization Requirements |
|
| Line 30: | Line 34: |
BLAH BLAH == (Chapter 1) Site Authentication Requirements == === Terminology and definitions === ==== ==== "User secrets" refers to values intended to be known only by the user, known by the user and an authentication infrastructure, or known only to an authentication infrastructure and employed on the user's behalf after the user has authenticated with some other secret(s). ==== ==== To sidestep such questions as whether "a day" means eight hours or 24 hours and just how long a month is, we will deal in seconds but not quibble over implementation variances at the 10% or 20% level. ==== ==== Credentials are assumed to have lifetimes which bound their period of validity. "Long-lived" credentials have lifetimes of 1,000,000 seconds (1 megasecond or 1 Ms) or more. "Short-lived" credentials have lifetimes of 100,000 seconds (0.1 Ms) or less. Lifetimes between those limits are "intermediate." The terms long-lived and short-lived may also be applied to the secrets employed by a user to acquire credentials, although the only short-lived user secrets known to be commonly employed are one-time (or "single-use") authenticators. (Conversions: 0.1 Ms is a bit more than a day; 1 Ms is a bit less than 2 weeks.) ==== ==== If a credential's lifetime can be extended by the user, using no more proof of identity than the credential itself, this is considered "renewal" of the credential, while if the process of extending the lifetime requires measures equivalent to those employed in its initial acquisition, we consider the result a new credential. ==== ==== We specifically do not consider "post-dated" credentials -- those with lifetimes that begin at some point later than the time of the authentication act. Neither do we consider the relative strengths of cryptographic protocols, algorithms, and key lengths. We assume they are always designed, selected and implemented appropriately. == Identity == |
Work in progress This is work building up to a final requirements document on grid AAA/Security. It draws very greatly upon [wiki:RequirementsBibliography Shawn Mullen et al's] (2004) document on "Grid Authentication, Authorization and Accounting Requirements". Most of the requirement text is from this document and where we disagree, we have indicated this
Thus:
V Amendment/addition from the Mullen et al document V
- Text
^ Amendment/addition from the Mullen et al document ^
The requirements for an ideal grid
Should this be "an 'ideal' grid" or "an idealised grid" or whatever?
This document
The sections of this document are:
- Abstract
- Terminology and definitions
- Grid use models
- Site Authentication Requirements
- (Terminology and definitions)
- Site Authorization Requirements
Abstract
To be written last
However, it should include some definitions of "must" and "should" etc. AND a discussion of the grid model (e.g. Customer-Service, Technical Research User (agnostic of node), Technical Research User (node specific), Privacy/Conf./High security etc. (The musts and shoulds will be different for each grid model)
Terminology and definitions
To be written late-on when we know what we need.
Grid use models
Introduction
The use models of grids are written about elsewhere by this project. However, for clarity, they are reproduced here
BLAH BLAH
(Chapter 1) Site Authentication Requirements
Terminology and definitions
"User secrets" refers to values intended to be known only by the user, known by the user and an authentication infrastructure, or known only to an authentication infrastructure and employed on the user's behalf after the user has authenticated with some other secret(s).
To sidestep such questions as whether "a day" means eight hours or 24 hours and just how long a month is, we will deal in seconds but not quibble over implementation variances at the 10% or 20% level.
Credentials are assumed to have lifetimes which bound their period of validity. "Long-lived" credentials have lifetimes of 1,000,000 seconds (1 megasecond or 1 Ms) or more. "Short-lived" credentials have lifetimes of 100,000 seconds (0.1 Ms) or less. Lifetimes between those limits are "intermediate." The terms long-lived and short-lived may also be applied to the secrets employed by a user to acquire credentials, although the only short-lived user secrets known to be commonly employed are one-time (or "single-use") authenticators.
(Conversions: 0.1 Ms is a bit more than a day; 1 Ms is a bit less than 2 weeks.)
If a credential's lifetime can be extended by the user, using no more proof of identity than the credential itself, this is considered "renewal" of the credential, while if the process of extending the lifetime requires measures equivalent to those employed in its initial acquisition, we consider the result a new credential.
We specifically do not consider "post-dated" credentials -- those with lifetimes that begin at some point later than the time of the authentication act. Neither do we consider the relative strengths of cryptographic protocols, algorithms, and key lengths. We assume they are always designed, selected and implemented appropriately.