- 1、本文档共19页,可阅读全部内容。
- 2、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
- 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
Two questions for you! Do we (the Grid community) need LoAs in achieving fine-grained access control, or are we happy with binary authentication decisions? If ‘Yes’, then how to approach this? – build on, or have something completely different from, the NIST recommendation. Should we work together with other federations, e.g. the e-Authentication federation, the InCommon federation, the UK JISC community (Shibboleth-based), etc… to come up with a set of consistent LoAs so as to achieve seamless inter-federation resource sharing? 精品文档 Gaps for using existing LoA definitions (1/3) Assertion messages: Do we need guidance on the procedures and generation of assertion messages versus LoAs? Conflict: assertion message validity periods vs. LoAs vs Grid Job durations Token strength: Should we impose limited lifetimes to passwords? Extent to which an authentication event is coupled to an authorisation event. 精品文档 These are also the LoA attributes. Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area Director E-Infrastructure Security:Authentication Levels of Assurance (LoAs)– background and introductory discussion of issues 精品文档 Agenda Factors affecting LoAs Why do we need LoAs Current work/efforts in defining LoAs Gaps when applying these existing definitions to the Grid context 精品文档 Factors affecting LoAs All the steps of an authentication process: Identity proofing/vetting Credential issuance Types/strengths of authentication credentials How/where credentials are stored Strengths of authentication protocols/services Record keeping and auditing Extent to which an authentication event is coupled to an authorisation event 精品文档 Why do we need LoAs? A binary ‘Yes’ or ‘No’ decision for authentication decision is no longer satisfactory, as More diverse resources (data and services, etc) are being incorporated into the Grid fabric, e.g. health Grids hosting patients’ private d
您可能关注的文档
- Literaturhinweise zur Trainingswissenschaft课件.ppt
- LiveABC中高级聽读 试题练习三课件.ppt
- Logistics Enterprise 新手指南系统资料操作课件.ppt
- M1校长手机移动版管理系统简介课件.ppt
- MagazinePlus日文杂志 使用说明课件.ppt
- MAGE Course Project课件.ppt
- Managing Multimedia Equipment课件.ppt
- Maney 期刊目前为数不多的独立出版商之一。公司成立于课件.ppt
- Map Reading课件.ppt
- Mark Mc Keownmark.mckeown@man.ac.uk课件.ppt
文档评论(0)