
Hi Paul,
As promised, here's a few words on security, following from RFC-3552's suggestions:
Nice job! Some suggestions inline.
9. Security Considerations
[...]
When deploying a information system conforming to GLUE 2.0 conceptual
               ^ an
[...]
9.2 Non-repudiation
[...] specific to the concrete data model or it may be provided outwith of
                                                                ^^^^^^^ outside
Nobody outside (!) Scotland uses that word... :-)
the GLUE conceptual model.
[...]
9.3.2 Inappropriate Usage
[...]
Individual grids may describe what they consider appropriate usage of
GLUE information and implement appropriate procedure to ensure this
                                           ^^^^^^^^^ procedures
policy is enacted.
[...]
9.4.2 Replay
Grid operations may depend on information provided in GLUE conceptual
model. A replay attack would revert part (possible all) information
                                                        ^ of the
[...]
Underlying concrete models and implementing software should prevent
                               ^^^^^^^^^^^^^^^^^^^^^ software implementations
replay attacks.
9.4.3 Message insertion
The ability to insert information is key to providing accurate
information. However, inserting incorrect information may have a
detrimental effect to the running systems; for example, there are
attributes in the conceptual model accept multiple values. If
                                   ^ that
incorrect values are included, the systems may suffer.
Many aspects of GLUE provide service discovery. Inserting false information would allow unauthorised services to publish their presence and attract activity. This may be used as a basis for further attacks.
Underlying concrete models and implementing software should ensure
                               ^^^^^^^^^^^^^^^^^^^^^ software implementations
that agent's ability to insert information is limited and appropriate.
     ^ an
[...]
9.4.5 Modification
The ability to modify information is key to providing accurate
information. However, concrete data models and implementing software
                                               ^^^^^^^^^^^^^^^^^^^^^ software implementations
should limit agents so their ability to modify information is limited and appropriate.
9.4.6 Man-in-the-middle.
Man-in-the-middle attacks may allow arbitrary modification of data within the GLUE conceptual model. This may have severe influence on the systems based on GLUE information.
Underlying concrete models and implementing software should understand
                               ^^^^^^^^^^^^^^^^^^^^^ software implementations
the risk from man-in-the-middle attacks and provide appropriate security against them.
9.4.7 Denial of service attacks
A Denial of Service attack is one that attempts to prevent normal operation of systems. Perhaps, the most obvious is to prevent or corrupt the flow of information.
Systems using GLUE conceptual model should understand the risk from
lack of information. Appropriate measures should be taken to ensure
the systems continue to run whenever possible.
                            ^^^^^^^^ to the extent
Thanks, Maarten