Version 2 (modified by pjkersha, 13 years ago) (diff)


Meeting Agenda 11 August 2006 - NDG Security Configuration at the BODC


Determine the system configuration for all the NDG Security components at the BODC: To migrate from the current prototype configuration on livglue toward a more production like setup. This takes into account the new arrangement of the Livgrid servers as follows:


  1. Review of NDG Security
  2. MyProxy Server
    • suitable host
    • Location of Certificates on host
    • firewall considerations
    • Requirement for minimal services running on that machine.
    • User/group permissions for installation and configuration.
    • Automated start up from boot: xinetd or SysV Init script
    • Any other security issues or measures to be taken to secure host ...
  3. Session Manager Web Service
    • suitable host
    • firewall considerations
    • Interface to MyProxy - considerations for this
    • Interface to the Credential Repository
  4. Attribute Authority Web Service
    • suitable host
    • firewall considerations
    • User Roles Interface to Oracle Database
  5. Migration from LIVGLUE TO LIVGRID2.
    • Services running on LIVGLUE, Delete/uninstall NDG-Security s/w on LIVGLUE and build everything from scratch
    • Installing NDG-Security Software on LIVGRID2.
    • User/group permissions for installation and configuration
    • LIVGRID1 will be NDG-Production Server ( All NDG requests will be routed to this Machine.
  6. Migrating Credential Repository database from MySQL to Oracle.
    • What is the Credential Repository and what does it do?
    • Creation of Database tables under BODC Oracle Server. Q. Before or after migrating to new Development Server?
    • New custom Python class for BODC Oracle db interface to NDG Security Credential Wallet