Changes between Version 2 and Version 3 of TI12_Security/Security0612


Ignore:
Timestamp:
12/12/06 13:00:31 (13 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TI12_Security/Security0612

    v2 v3  
    1111 
    1212 1. WS-Security WebSphere - Python interface (Done) 
    13  1. Securing Geoserver. While we expect this work to be done at the Met Office (in cooperation with ESSC), we expect to be providing consultancy on the token signature evaluation etc and coordinating the work (2 days effort) 
    14 3.Update security WS interfaces for Session Manager, Attribute Authority and Simple CA.  NB: Attribute Authority and SimpleCA code is part complete. (10 days effort, 12 total). 
    15 1.re-write of rpc encoded WSDLs to wrapped/doc/literal style 
    16 2.move previous ZSI 1.6 based code to ZSI 2.0 rc3 
    17 3.remove custom pyXMLSec based message security and replace with new WS-Security handler 
    18 4.Refactor pyXMLSec digital signature. This is used in for signing WS messages but ALSO for signing Attribute Certificates. Attribute Certificates are signed using an enveloped signature independently of being sent over the wire via a WS.  (3 days effort, 15 total) Two alternatives: 
    19 1.Refactor signature code removing pyXMLSec code and replacing with new signature code as used with WS-Security signature handler 
    20 2.Dispense with enveloped signature for Attribute Certificates and rely on signature applied by WS-Security handler at the point of message dispatch 
    21 Option 1) is preferred to ensure independence of transport layer. 
    22 5.MyProxy pure python client. Python code to connect to myproxy-server over SSL using M2Crypto and implement the various commands needed: myproxy-logon, myproxy-store, myproxy-destroy. Current status: working MyProxy store method working. (3 days, 18 total). 
    23 1.complete MyProxy logon method 
    24 2.Write MyProxy destroy method (removes a credential from repository) 
    25 6.Oracle Attribute Authority interface for the Python Attribute Authority (to be based on code developed within NDG at BODC). (1 day, 19 total). 
     13 1. DEWS: Securing Geoserver. While we expect this work to be done at the Met Office (in cooperation with ESSC), we expect to be providing consultancy on the token signature evaluation etc and coordinating the work  
     14 1. Update security WS interfaces for Session Manager, Attribute Authority and Simple CA.  NB: Session Manager interface is complete, Attribute Authority and SimpleCA code is part complete.  
     15   1. re-write of rpc encoded WSDLs to wrapped/doc/literal style 
     16   1. move previous ZSI 1.6 based code to ZSI 2.0 rc3 
     17   1. remove custom pyXMLSec based message security and replace with new WS-Security handler 
     18 1. Refactor pyXMLSec digital signature. This is used in for signing WS messages but ALSO for signing Attribute Certificates. Attribute Certificates are signed using an enveloped signature independently of being sent over the wire via a WS.  Two alternatives - Option 1) is preferred to ensure independence of transport layer: 
     19   1. Refactor signature code removing pyXMLSec code and replacing with new signature code as used with WS-Security signature handler 
     20   1.Dispense with enveloped signature for Attribute Certificates and rely on signature applied by WS-Security handler at the point of message dispatch 
     21 
     22 1. !MyProxy pure python client. Python code to connect to myproxy-server over SSL using M2Crypto and implement the various commands needed: myproxy-logon, myproxy-store, myproxy-destroy. Current status: working MyProxy store method working.  
     23  1. complete MyProxy logon method 
     24  1. Write MyProxy destroy method (removes a credential from repository) 
     25 1. Oracle Attribute Authority interface for the Python Attribute Authority (to be based on code developed within NDG at BODC).  
    26261.Take Siva's code used for BODC Oracle interface and use for LostWax Attribute Authority 
    27277.Install Security at the MetOffice and Lost Wax (and possible ESSC too). Go to sites to install or revise installation guide so that it can be done unsupervised. (5 days, 23 total).