I don't know if this will help or hurt the discussion, but has everyone had an opportunity to read the ACE-grid security document? It refers to itself as addressing security for "collaborative environments," but they go through a number of use cases that are very relevant to SAGA. Deb Agarwal and Markus Lorch also contributed an excellent discussion of implementations and scenarios for reasonable security implementations . It may help bring us SAGA members up-to-speed on some aspects of the security model considerations. http://www.ggf.org/documents/GFD.43.pdf On Feb 13, 2006, at 12:58 AM, Andre Merzky wrote:
Hi group,
we managed to corner the Security Area ADs at GGF in Athens, and to get some statements from them in respect to:
"What security paradigms are generically available in Grids, and what should be exposed to the end user?"
Well, their answer was basically, that there is no agreed upon approach in the scope of GGF, so, the best we can do is to look at Grid implementations, and abstract/generalize their security paradigms.
A viable approach in their opinion would be to base security settings on strings, and allow the implementation to interpret them accordingly. That approach is very close to what we have right now for sessions, and what we want to have for streams