wiki:T12_Security/OMII-UK/20080716

Version 2 (modified by pjkersha, 11 years ago) (diff)

--

NDG Security

Home | Research | Architecture | Documentation | Downloads | Discussion | OMII-UK | ESG and IPCC AR5 | DEWS | Admin Quick Start


OMII-UK NDG Security Status Report 2008/07/16

Summary

  1. Completion of Deployments:
    • BADC is updated. One additional step is to complete integration with the Perl based BADC data browser. This would open up many more datasets to NDG Security based access.
    • BODC - the firewall problem has been resolved. It was actually a problem with Python SSL clients and Apache mod_rewrite
    • NOCS is updated.
    • PML: updated. Cross-site access testing is needed to confirm everything is configured OK e.g. PML user accessing BADC data via PML account and NDG Single Sign On.
  2. #931 OpenID:
    • We've just done trials with some of the Earth System Grid team in the US as part of work for the IPCC AR5.
      • ESG have a prototype OpenID Provider interface (i.e. an IdP)
      • We were able to use this to login to NDG with an OpenID ESG account.
    • The next step would be to add an OpenID Provider interface to NDG. - At the moment NDG has the functionality to act as an OpenID Relying Party ie. we can accept credentials from OpenID users.
    • Enabling NDG as an OpenID Provider would enable BADC users to login to ESG sites in the US. This is beyond the scope of what we planned for the OMII-UK work. We'd like to request a no cost extension to fit this work in.
  3. #938 Java Client Interface:
    • A Java developer is now helping with this. He will focus on getting an example WSS4J based client working with a Python based service.
  4. #940 WS-Security for ZSI: the ElementTree based Signature Handler is now work and has tested OK against the previous xml.dom based implementation.
  5. AHM Demo: I've made enquiries to get ideas for a demo based on a grid processing job accessing NDG secured data. Grid based data access can be demonstrated but it's more difficult to find examples involving computational grids.