wiki:T12_Security

Version 6 (modified by pjkersha, 13 years ago)

NDG Security

NDG Security is about access control: authentication and authorisation. This package provides software infrastructure to support controlled access to NDG-A and B metadata and data and to provide access logging.

NDG security allows data providers to restrict access to detailed metadata and data according to their own criteria, so that they can respect IPR or licensing constraints and, if appropriate, develop their own charging regimes (although anything and everything to do with charging per se is out of scope for NDG).

NDG security also supports the information required to show usage of services, and potentially to form the basis of charging structures should they be appropriate.

Product components

  1. Underlying library (SecLibrary)
  2. Software package which deploys an Attribute Authority as a web service. (SecAA)
  3. Software package that provides a simple certificate authority and myproxy server which can be used to produce lightweight certificates. (SecCA)
  4. Web service package to allow controlled access to a resource given the role protecting the resource and user credentials. (SecControl)
  5. NDG session manager functionality (SecSession)
  6. NDG wallet functionality. (SecWallet)
  7. Logging Web Service (database or file based, with web service interface). (SecLog)

Key Integration Milestones

  1. Initiation Stage (Sept-Dec 2005): Completed. NDG 1 Security is a working prototype installed at BADC and BODC.
  2. Document for data centres outlining pre-requisites for NDG security H/W and infrastructure [20 Dec 2005]
  3. Alpha Development and Testing Stage (Jan-July 2006):
  4. H/W baseline agreed for all sites - agree pre-requisites for H/W and infrastructure at data centres to run NDG security [20 Jan 2006]
  5. Data Centres publish their user roles to allow establishment of role mappings [31 Jan 2006]
  6. Security Pre-installation – BODC (update to existing), NOCS, PML [28 Feb 2006]
  7. Integration with Data Extractor [1 May 2006]
  8. Role Mappings finalised for all data centres [30 June 2006]
  9. Security Integration: installation of version 1.0 at all sites [31 July 2006]
  10. Beta Development and Testing Stage (Aug-Jan 2007)
  11. Production System Implementation Stage (Feb-June 2007)
  12. Reporting and Futures Planning (July-Sept 2007)

Integration Dependencies

  1. BADC User database and user roles <-> Attribute Authority
  2. PML User database and user roles <-> Attribute Authority
  3. NOCS User database and user roles <-> Attribute Authority
  4. PERMIS – authorisation system
  5. THREDDS system (external)
  6. NCAR (external)
  7. World Data Centre for Climate (external)

Internal Development Stages

  1. Initiation Stage [Sept-Dec 2006]:
  2. NDG 1 Security working prototype installed at BADC and BODC [Completed Nov 2005]
  3. Document for data centres outlining pre-requisites for NDG security H/W and infrastructure [20 Dec 2005]
  4. Prototype Enhancements 1 [20 Dec 2005]:
  5. [DEFINITE] XML Encryption – allow encryption of NDG security message content between web services where required [3 days].
  6. [DEFINITE] Session Manager request forwarding – allow local Session Manager to forward browser client requests to the Session Manager where the user’s session resides [3 days].
  7. Alpha Development and Testing Stage [Jan-July 2006]:
  8. Prototype Enhancements 2 [30 June 2006]:
    1. [DEFINITE] Cross domain cookies – Problem: NDG must work across the domains of the different participating data centres. However, a given cookie is only visible to the domain in which it was set. Look into solutions and following analysis, implement the best. [2 weeks].
    2. [DEFINITE] Attribute Authority WS has method getTrustedHosts to allow user to see which hosts a data centre trusts to help when they are trying to get authorisation for a given data set [2 days].
    3. [DEFINITE] Session Manager SimpleCA Web Services - functionality for certificate revocation [1 week].
  9. H/W baseline agreed for all sites - agree pre-requisites for H/W and infrastructure at data centres to run NDG security [20 Jan 2006]
  10. Data Centres publish their user roles to allow establishment of role mappings [31 Jan 2006]:
    1. [DEFINITE] Liaise with data centres (NOCS and PML) to establish user roles (BADC and BODC have roles set up).
    2. [MAYBE] Meeting with data centres to discuss roles [1 day]
    3. [DEFINITE] Data Centres (NOCS and PML) create list of user roles for their data [1 week each]
  11. Write NOCS and PML roles<–>Attribute Authority interface python plug-ins. [1 week]
  12. Pre-installation preparation [31 January 2006]:
    1. [MAYBE] Installation script – builds Python libraries from C source code. This may not be necessary if binary install will work [1 week]
    2. [DEFINITE] Installation Guide Complete [1 week]
  13. Security Pre-installation – BODC (update to existing), NOCS, PML [28 Feb 2006]:
    1. [DEFINITE] Upgrade BADC system from NDG prototype to latest version [1 week]
    2. [DEFINITE] Upgrade BODC system from NDG prototype to latest version [1 week]
    3. [DEFINITE] Install system at NOCS [1 week]
    4. [DEFINITE] Install system at PML [1 week]
  14. DataDeliveryService – component for matching user authorisation roles with those of data and handling of data download [30 Apr 2006].
    1. [DEFINITE] Design and analysis - sequence diagrams and use cases to aid analysis as required [1 week]
    2. [DEFINITE] Implementation [2 weeks]
    3. [DEFINITE] Integration testing with BADC system [1 week]
  15. Logging Web Service (database or file based, with web service interface) [15 Apr 2006 – in time for DX integration].
    1. [DEFINITE] Requirements Document – gather requirements from whom? – data centres? [1 week]
    2. [DEFINITE] Analysis and design [1 week]
    3. [DEFINITE] Implementation [2 weeks]
  16. Integration with Data Extractor [1 May 2006]:
    1. [DEFINITE] Help Ag with integration [3 days]
  17. Role Mappings finalised for all data centres [30 June 2006]:
    1. [MAYBE] Meet with Data Centres to discuss roles and role mappings [1 day]
    2. [DEFINITE] Data Centres establish bilateral role maps between them [2 weeks]
  18. Security Integration: installation of version 1.0 at all sites [31 July 2006]:
    1. [DEFINITE] BADC [1 week]
    2. [DEFINITE] BODC [1 week]
    3. [DEFINITE] NOCS [1 week]
    4. [DEFINITE] PML [1 week]
  19. Beta Development and Testing Stage (Aug-Jan 2007):
  20. [DEFINITE] Updates to web front ends to include security infrastructure Administrators at each data centre [31 August 2006, 4 weeks each?]
  21. [DEFINITE] system testing [31 August 2006, 4 weeks]
  22. [DEFINITE] bug fixes, changes and updates as required [4 weeks]
  23. Production System Implementation Stage (Feb-June 2007):
  24. Reporting and Futures Planning (July-Sept 2007): [The following activities organised under this milestone more by relevance to topic than suiting time constraint. These tasks could be shifted to earlier in the schedule as required]
  25. Using certificates from other CAs in NDG security:
    1. [MAYBE] Analysis – look into changes that would be needed – MyProxy behaviour etc.
    2. [MAYBE] Implement
  26. Java clients to Web Service Interfaces:
    1. [MAYBE] Write Java stub code for NDG Security Web Services [3 weeks]
    2. [MAYBE] In light of the above, review the WS interfaces and change as necessary – radical change to Document Literal rather than RPC style needed? [1 week]
    3. [MAYBE] Aug - updates to BODC, NOCS and PML NDG Security s/w following possible changes to WS interfaces [2 weeks]
  27. PERMIS:
    1. [MAYBE] Investigate replacement of NDG authorisation system with PERMIS. [1 week]
    2. [MAYBE] Implement as of outcome of the above [7 weeks]
  28. Shibboleth:
    1. [MAYBE] Investigate Shibboleth <-> NDG interoperation [1 week]
    2. [MAYBE] Implement as of outcome of the above [5 weeks]
  29. THREDDS:
    1. [MAYBE] engineer a suitable interface to integrate with THREDDS authorisation [4 weeks]
  30. Look into Java implementation of NDG Security components:
    1. [MAYBE] Attribute Authority – update Neil Bennett’s existing version [3 weeks]
    2. [MAYBE] Session Manager – [4 weeks]
    3. [MAYBE] SimpleCA – [4 weeks]
    4. [MAYBE] ftpService – [4 weeks]

Issues

Trusting external certificates (known CAs)

  • can we generate certificates for a session only?
  • How to enable NDG security needs to be an early deliverable

See also WGSecurity.

See also SecDiagrams