wiki:SecurityTeam/Agenda/Agenda11.08.06

Version 1 (modified by pjkersha, 13 years ago) (diff)

--

Meeting Agenda 11 August 2006 - NDG Security Configuration at the BODC

The aim of this meeting is determine the system configuration for all the NDG Security components at the BODC: To migrate from the current prototype configuration on livglue toward a more production like setup. This takes into account the new arrangement of the Livgrid servers as follows:

LIVGRID2 - NDG DEVELOPMENT SERVER LIVGRID1 - NDG PRODUCTION SERVER ( http://grid.bodc.nerc.ac.uk).

  1. Review of NDG Security.
  1. Migration from LIVGLUE TO LIVGRID2.
    • Services running on LIVGLUE, Delete/uninstall NDG-Security s/w on LIVGLUE and build everything from scratch
    • Installing NDG-Security Software on LIVGRID2.
    • Need ROOT/Pseudo permission to install and configure.
    • LIVGRID1 will be NDG-Production Server ( http://grid.bodc.nerc.ac.uk). All NDG requests will be routed to this Machine.

  1. MyProxy Server
    • suitable host
    • Location of Certificates on host
    • firewall considerations
    • Requirement for minimal services running on that machine.
    • User/group permissions for installation and configuration.
    • Automated start up from boot: xinetd or SysV Init script
    • Any other security issues or measures to be taken to secure host ...

  1. Migrating Credential Repository database from MySQL to ORACLE.
    • What is the Credential Repository and what does it do?
    • Creation of Database tables under BODC ORACLE Server. Q. Before or after migrating to new Development Server?
    • New custom Python class for BODC Oracle db interface to NDG Security Credential Wallet