PPDG Site Authentication, Authorization and Accounting

Team leads: Bob Cowles, Dane Skow

Email list: http://www.ppdg.net/mailman/listinfo/ppdg-siteaa

Status:

The current working list of issues and requirements under discussion reflects areas raised as concerns and the current understandings of requirements.

December 19, 2002: Full Report to PPDG meeting.

Bob will give the presentation on the Concensus Requirements and Dane the Issues and Recommendations. Full Reports from participating sites are available.

October 2002: Meetings at GGF6 to work on authorization agreements.

September 2002: GGF creates the Site AAA Research Group. We are hosting the web pages.

July 2002: Slides from the GGF5 BOF are posted. The BOF recommended the creation of a GGF RG on site requirements and expansion of scope to include sites generally, not just large sites.

July 2002: Status presentation on authorization to joint iVDGL-DataTAG (16-Jul-02) and HICB (21-Jul-02) meetings (ppt, pdf).

May 2002: Bob and Dane gave presentations at the ESnet Coordinating Committee about Grid Security and the Site-AAA project goals.

Quarterly Reports from participating sites are available for status details of individual site projects.

March 2002: A proposal for FY2002 funding was submitted to DOE on March 5, 2002 and funded in May/June 2002.

Participants:

ANL: Von Welch 

BNL: Rich Baker, Tom Throwe, Jason Smith, Dantong Yu, Razvan Popescu, Shigeki Misawa 

Caltech: Conrad Steenberg 

FNAL: Dane Skow, Matt Crawford, Rich Wellner, Igor Mandrichenko, Don Petravick, Gabrielle Garzoglio, Sinisa Vesili, Igor Terekhov, Lothar Bauerdick, Ruth Pordes, Lee Lueking 

JLAB: Ian Bird, Robert Lukens, Bryan Hess, Andy Kowalski 

LBNL: Doug Olson, Shane Canon, Steve Chan, Iwona Sakrejda, Mary Thompson 

SLAC: Bob Cowles, Chuck Boeheim, Gary Buhrmaster, Andy Hanushevsky, Adil Hasan, Douglas Smith

Research efforts in the Grid Community have developed an impressive model for globally distributed computing. PPDG strives to take these efforts and to progress to the next level of early user production in a community that has not traditionally been tightly coupled with the Computer Science research community: High Energy and Nuclear Physics (HENP). Successful deployment will require significant investments in integrating both policies and mechanisms with existing infrastructure to accommodate this new approach. Of particular concern is the authentication, authorization and accounting infrastructure.

This project activity includes effort by computer security experts at HENP sites across the US to examine the impact on their particular site of implementing GSI-based services. This will include evaluation of the architectural designs and their implications, as well as integration of some pilot grid-enabled services. Since the nature of this effort is largely integration it is expected that much of the work will be done locally within the context of each site (BNL, FNAL, JLAB, LBNL, SLAC). However, common themes are: Kerberos local infrastructure, a focus on mass storage resources as pilot services, etc. These common areas of interest will warrant inter-laboratory communication and technical sharing. 

Page last updated: l6 Dec 2002