This page contains notes building towards a formal document regarding the role of Shibboleth with grids. It necessarily challenges some basic assumptions of the way that authentication and authorisation are currently managed in grids.
This work forms the bulk of the eSP-grid workpackage five (Shibboleth Evaluation).
Contents
- [#intro Introduction: how to use this document]
- [#contempassumpts Contemporary Assumptions]
- [#mustscale Grids must scale] ; [#identitymanscalability Identity management is a scalability bottleneck] ; [#identtrustorg Identity is best managed by a very trustworthy organisation] ; [#attributemanscale Attribute management is a scalability bottleneck] ; [#trustminimum Trust must be kept to a minimum on grids] ; [#securityieinadeq Security levels in the 'information environment' are inadequate]
- [#PKIvsassumpts How does PKI live up to these assumptions?]
- [#PKImustscale Grids must scale] ; [#PKIidentitymanscalability Identity management is a scalability bottleneck] ; [#PKIidenttrustorg Identity is best managed by a very trustworthy organisation] ; [#PKIattributemanscale Attribute management is a scalability bottleneck] ; [#PKItrustminimum Trust must be kept to a minimum on grids] ; [#PKIsecurityieinadeq Security levels in the 'information environment' are inadequate]
- How could Shibboleth play a role?
Introduction: how to use this document
Contemporary Assumptions
Grids must scale
Anchor(identitymanscalability)
Identity management is a scalability bottleneck
Identity is best managed by a very trustworthy organisation
But need not be - identity is easier to manage than role etc.
Attribute management is a scalability bottleneck
Trust must be kept to a minimum on grids
Yes, general principle is true. However, as a resource owner it may not be possible to manage more than n users and therefore you have to trust third parties. Even for a very low number of users, a grid resource owner may be the last to find out that a user has been convicted as a criminal for fraud, or has been determined to have hacked another resource.
Security levels in the 'information environment' are inadequate
Grid cannot trust levels of authN in users home organisations. Grid RAs and CAs are better.
How does PKI live up to these assumptions?
Grids must scale
Anchor(PKIidentitymanscalability)
Identity management is a scalability bottleneck
Identity is best managed by a very trustworthy organisation
But need not be - identity is easier to manage than role etc.
Attribute management is a scalability bottleneck
Trust must be kept to a minimum on grids
Yes, general principle is true. However, as a resource owner it may not be possible to manage more than n users and therefore you have to trust third parties. Even for a very low number of users, a grid resource owner may be the last to find out that a user has been convicted as a criminal for fraud, or has been determined to have hacked another resource.
Security levels in the 'information environment' are inadequate
Grid cannot trust levels of authN in users home organisations. Grid RAs and CAs are better.
How could Shibboleth play a role?
Grids must scale
Anchor(SHIBidentitymanscalability)
Identity management is a scalability bottleneck
Identity is best managed by a very trustworthy organisation
But need not be - identity is easier to manage than role etc.
Attribute management is a scalability bottleneck
Trust must be kept to a minimum on grids
Yes, general principle is true. However, as a resource owner it may not be possible to manage more than n users and therefore you have to trust third parties. Even for a very low number of users, a grid resource owner may be the last to find out that a user has been convicted as a criminal for fraud, or has been determined to have hacked another resource.
Security levels in the information environment are inadequate
Grid cannot trust levels of authN in users home organisations. Grid RAs and CAs are better.