wiki:T12_Security

Version 3 (modified by lawrence, 14 years ago) (diff)

--

NDG Security

Is about access control: authentication and authorisation. This package provides software infrastructure to support controlled access to NDG-A and B metadata and data and to provide access logging.

NDG security allows data providers to restrict access to detailed metadata and data according to their own criteria. (i.e. so that data providers can respect IPR or licensing constraints and if appropriate develop their own charging regimes, although anything and everything to do with charging per se is out of scope for NDG).

To support the information required to show usage of services, and potentially form the basis of charging structures should they be appropriate.

Product components

  1. Underlying library (SecLibrary?)
  2. Software package which deploys an Attribute Authority as a web service. (SecAA?)
  3. Software package that provides a simple certificate authority and myproxy server which can be used to produce lightweight certificates. (SecCA?)
  4. Web service package to allow controlled access to a resource given the role protecting the resource and user credentials. (SecControl?)
  5. NDG session manager functionality (SecSession?)
  6. NDG wallet functionality. (SecWallet?)
  7. Logging Web Service (database or file based, with web service interface). (SecLog?)

See also WGSecurity.