[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ggf-ogsa-sec-wg] VO consideration

To: <ogsa-sec-wg@gridforum.org>
Subject: [ggf-ogsa-sec-wg] VO consideration
From: "Takashi Kojo" <kojo@isd.nec.co.jp>
Date: Fri, 25 Oct 2002 11:08:51 +0900
Reply-To: "Takashi Kojo" <kojo@bk.jp.nec.com>
Sender: owner-ogsa-sec-wg@gridforum.org

Greetings,

While reviewing "The Security Architecture for OGS",
I got several questions. One of them seems somewhat fundamental.
The discussion might ave been done somewhere before. I would 
appreciate pointers to refer to.

The question is
What is the definition of VO with regard to OGSA Security, 
which was described in the introduction.

My motive is to find out if/how the VO model is sufficient enough
to deal with real use cases of the grid regarding with grid security.

- Would a single layer of VO be sufficient enough?
    to deal with levels of trusted users or VOs...
- How do you set up/modify the VOs with which authority?
         or maybe can you partially define them statically, too?
      What would be a set of services of VO manipulations?
- What would be a granularity of VO configuration regarding with timing?
            By command lines, sessions or more overall agreement between
            VOs?
- If the VO manipulation represents dynamic aspect of policy/trust
definition, how much should be handled by policy/trust and by
VO manipulation?
- What would be real organization(RO) policy/trust and VO policy/trust?

Kojo

----------
Takashi Kojo, NEC, kojo@bk.jp.nec.com

Follow-Ups:
- Re: [ggf-ogsa-sec-wg] VO consideration
  - From: Philippe Janson <pj@zurich.ibm.com>

Prev by Date: RE: [ggf-ogsa-sec-wg] inter-domain requirements
Next by Date: Re: [ggf-ogsa-sec-wg] VO consideration
Prev by thread: [ggf-ogsa-sec-wg] FYI: WS-I Basic Profile
Next by thread: Re: [ggf-ogsa-sec-wg] VO consideration
Index(es):
- Date
- Thread