assurance
play

Assurance Introducing composites of DOGWOOD and BIRCH/CEDAR in EGI - PowerPoint PPT Presentation

Dec 11, 2023 •352 likes •545 views

Assessing Combined Assurance Introducing composites of DOGWOOD and BIRCH/CEDAR in EGI and beyond David Groep Nikhef co-supported by the Dutch National e-Infrastructure coordinated by SURF, and by EGI Core Services EGI Combined Assurance

  1. Assessing Combined Assurance Introducing composites of DOGWOOD and BIRCH/CEDAR in EGI and beyond David Groep Nikhef co-supported by the Dutch National e-Infrastructure coordinated by SURF, and by EGI Core Services

  2. EGI Combined Assurance use case • IOTA AP assurance level ‘DOGWOOD’ is different, but remainder of the assurance can be taken up somebody else – the user community or the registrar for the Access Platform Identity elements • Only thing you get is an opaque ID • identifier management • re-binding and revocation • Stepping up to adequate assurance: • binding to entities – Real names from pseudonyms • traceability of entities • emergency communications – Enrolling users in a community – Keeping audit records • regular communications – Auditability and tracing • ‘rich’ attribute assertions – Incident response • correlating identifiers • access control Evolving the EGI Trust Fabric - Bari 2015

  3. The wLCG IOTA CA by-pass ‘ lcg- CA’ For EGI-only sites nothing changed or explicit For EGI sites also under wLCG policy and installed post-EGEE: configuration just install both policy packages “ egi- core” and “ lcg ” ca-policy-egi-core IGTF Classic IGTF MICS IGTF SLCS ca-AEGIS … ca-TCS … ca-DFN-AAI … ca-policy-lcg IGTF Classic IGTF MICS IGTF SLCS ca-CERN- ca-AEGIS … ca-TCS … ca-DFN-AAI … LCG-IOTA Evolving the EGI Trust Fabric - Bari 2015

  4. Project MinE (ALS) use case • Access traditional global grid resources from the CLI • By users that have no PKIX experience but are all properly vetted and registered (in the SURFsara CUA) • Case comparable to LHC VOs (and to ELIXIR) • Give access based on DOGWOOD CUA ID – and prepopulate a VOMS server based on CUA details Leveraging the IGTF registration network for research 25 September 2017

  5. Thanks to Mischa Sallé INTERLUDE Leveraging the IGTF registration network for research 25 September 2017

  6. A proxy from the TTS: the ad-hoc way additional info: Mischa Sallé, msalle@nikhef.nl Leveraging the IGTF registration network for research 25 September 2017

  7. A one-time URL giving a shell script additional info: Mischa Sallé, msalle@nikhef.nl Leveraging the IGTF registration network for research 25 September 2017

  8. Register your ssh public key – like in gitlab, sourceforge, &c additional info: Mischa Sallé, msalle@nikhef.nl Leveraging the IGTF registration network for research 25 September 2017

  9. Hiding PKIX – just like KRB • Implicit retrieval of proxies using ssh-agent • Resulting proxies can decorated with VOMS without need for passphrases or other credentials additional info: Mischa Sallé, msalle@nikhef.nl • Predictable RCauth subject naming (USR) allows pre-registering in VOMS, COmanage, &c Leveraging the IGTF registration network for research 25 September 2017

  10. Beyond DOGWOOD (CERN IOTA, RCauth, CILogon Basic) • Old model: CERN STS tight VO binding model – With the EGI and WLCG specific exception • EGI combined assurance model – Make assurance combination part of service AuthZ – Implemented by major AuthZ frameworks: Argus (1.7.1+), LCMAPS, dCache (3.1+) – Configuration shipped via EGI and WLCG • But: which ‘other’ assurance providers qualify? Leveraging the IGTF registration network for research 25 September 2017

  11. Specific Delegated Responsibilities Need for proper traceability does not go away, so … • who holds that information need not only be a traditional CA • but can be another entity with similarly rigorous processes Some communities have an existing registration system that is very robust • PRACE – in-person links at the home sites • XSEDE – NSF grant approval process • wLCG – CERN Users Office and HR Database Evolving the EGI Trust Fabric - Bari 2015

  12. Distributed Responsibilities I: Trusted Third Party Evolving the EGI Trust Fabric - Bari 2015

  13. Distributed Responsibilities II: Collaborative Assurance & Traceability Evolving the EGI Trust Fabric - Bari 2015

  14. IOTA in the EGI context EGI – by design - supports loose and flexible user collaboration • 300+ communities • Many established ‘bottom - up’ with fairly light -weight processes • Membership management policy* is deliberately light-weight • Most VO managers rely on naming in credentials to enroll colleagues Only a few VOs are ‘special’ • LHC VOs: enrolment is based on the users’ entry in a special (CERN - managed) HR database, based on a separate face-to-face vetting process and eligibility checks, including government photo ID + institutional attestations • Only properly registered and active people can be listed in VOMS Leveraging the IGTF registration network for research 25 September 2017

  15. Developing an assessment framework Leveraging the IGTF registration network for research 25 September 2017

  16. The need for guidance Leveraging the IGTF registration network for research 25 September 2017

  17. Assessment Matrix • Mapping for PKIX/RFC3647 is trivial • How to apply out BIRCH/CEDAR guidance to community registries? https://wiki.eugridpma.org/Main/AssuranceAssessment • Relevant for COmanage & VOMS communities, but maybe wider? Leveraging the IGTF registration network for research 25 September 2017

  18. Discussion! BUILDING A GLOBAL TRUST FABRIC Leveraging the IGTF registration network for research

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why

MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why

Luanna Cambas, P.E. LADOTD District 02 Lab Engineer Jason Davis, P.E. LADOTD Field Quality Assurance Administrator MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why needed? Sampling &

1.01k views • 63 slides
Census Data Quality Assurance 17 May 2010 Types of Quality Assurance (QA) Quality assurance of

Census Data Quality Assurance 17 May 2010 Types of Quality Assurance (QA) Quality assurance of

Census Data Quality Assurance 17 May 2010 Types of Quality Assurance (QA) Quality assurance of captured and coded data Quality assurance of downstream processes (including data security and integrity) Quality assurance of population counts,

129 views • 12 slides
Session 13 INFM 603 Bugs, process, assurance Software assurance: quality assurance for

Session 13 INFM 603 Bugs, process, assurance Software assurance: quality assurance for

Software Assurance Session 13 INFM 603 Bugs, process, assurance Software assurance: quality assurance for software Particularly assurance of security Bad (buggy, insecure software) comes not from discrete, unpredictable,

561 views • 18 slides
SeeTest Quality Assurance Platform On-premise Digital Assurance Lab On-premise Digital Assurance

SeeTest Quality Assurance Platform On-premise Digital Assurance Lab On-premise Digital Assurance

SeeTest Quality Assurance Platform On-premise Digital Assurance Lab On-premise Digital Assurance Lab Centrally manage browsers & mobile devices (physical/emulated), and allow your team to remotely access them from anywhere at anytime Run

534 views • 17 slides
SeeTest Quality Assurance platform SaaS Digital Assurance Lab SaaS Digital Assurance Lab Access

SeeTest Quality Assurance platform SaaS Digital Assurance Lab SaaS Digital Assurance Lab Access

SeeTest Quality Assurance platform SaaS Digital Assurance Lab SaaS Digital Assurance Lab Access hundreds of browsers & mobile devices (physical/emulated) Hosted in Experitest data centers, from anywhere at anytime Run your tests across

288 views • 18 slides
Desk-ercise Moderated By: Jill Micklow Wellness Consultant Assurance Agenda About Assurance

Desk-ercise Moderated By: Jill Micklow Wellness Consultant Assurance Agenda About Assurance

Desk-ercise Moderated By: Jill Micklow Wellness Consultant Assurance Agenda About Assurance Speaker Presentation Q&A Session Key Phrase About Assurance Retail insurance and risk management brokerage Independence

331 views • 32 slides
LPA 2018 QUALITY ASSURANCE What is Quality Assurance? Why needed? Sampling &

LPA 2018 QUALITY ASSURANCE What is Quality Assurance? Why needed? Sampling &

MATERIALS and TESTING QUALITY ASSURANCE LPA 2018 QUALITY ASSURANCE What is Quality Assurance? Why needed? Sampling & Testing 2059 Report Typical Materials and Tests What? A system for ensuring a desired level of

813 views • 64 slides
TECHNOLOGIES, INC. INTRODUCTION SOFTWARE QUALITY ASSURANCE SOFTWARE QUALITY ASSURANCE Software

TECHNOLOGIES, INC. INTRODUCTION SOFTWARE QUALITY ASSURANCE SOFTWARE QUALITY ASSURANCE Software

TECHNOLOGIES, INC. INTRODUCTION SOFTWARE QUALITY ASSURANCE SOFTWARE QUALITY ASSURANCE Software Quality Assurance consist of a means of monitoring the software engineering processes and methods used to ensure quality IEEE 730-2014 BETA

325 views • 20 slides
Evolving Assurance going where? Collaborative, distributed, and generalized assurance beyond

Evolving Assurance going where? Collaborative, distributed, and generalized assurance beyond

Evolving Assurance going where? Collaborative, distributed, and generalized assurance beyond just identity authentication IGTF Generalized LoA, and AARC! With inputs from: Interoperable Global Trust Federation IGTF David Groep

502 views • 17 slides
1 Measuring quality Costs of quality assurance Is it possible to quantify software

1 Measuring quality Costs of quality assurance Is it possible to quantify software

Key Points Many different characteristics of quality Quality Assurance and Testing Importance of having independent quality assurance from development The deliverable of QA is information CSE 403 Write it down Lecture 22 QA

359 views • 5 slides
ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS

ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS

ADVANCED COMPUTER SECURITY ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS Reminder : read and post response to Enforceable Security Policies by tomorrow afternoon. Please send me your talk

524 views • 41 slides
Assignm ent of Assignm ent of Design Assurance Levels Design Assurance Levels SAE S1 8 &

Assignm ent of Assignm ent of Design Assurance Levels Design Assurance Levels SAE S1 8 &

Assignm ent of Assignm ent of Design Assurance Levels Design Assurance Levels SAE S1 8 & EUROCAE W G-6 3 Presented by Steve Beland Associate Technical Fellow Boeing Com m ercial Airplanes August 20, 2008 FAA Software & AEH

504 views • 34 slides
Quality Assurance Stephen Cater, Ph. D Director, Quality Assurance Trade Symposium May 27, 2016

Quality Assurance Stephen Cater, Ph. D Director, Quality Assurance Trade Symposium May 27, 2016

Quality Assurance Stephen Cater, Ph. D Director, Quality Assurance Trade Symposium May 27, 2016 QA Requirements Agenda Sensory Labelling Laboratory Testing Organic Update Packaging Quality Assurance Requirements for Beverage Alcohol in

610 views • 50 slides
Introduction to Assurance Chapter 19 Computer Security: Art and Science , 2 nd Edition Version

Introduction to Assurance Chapter 19 Computer Security: Art and Science , 2 nd Edition Version

Introduction to Assurance Chapter 19 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 19-1 Overview Trust Problems from lack of assurance Types of assurance Life cycle and assurance Waterfall life cycle

825 views • 27 slides
AAT Practice Assurance Dawn Clarkson - FMAAT ATT Todays Practice Assurance event will give

AAT Practice Assurance Dawn Clarkson - FMAAT ATT Todays Practice Assurance event will give

AAT Practice Assurance Dawn Clarkson - FMAAT ATT Todays Practice Assurance event will give you: An understanding of the regulations and standards you must follow Practical guidance on how to comply with the Practice Assurance

942 views • 36 slides
Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth

Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth

Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth guy.haworth@bnc.oxon.org 1 Data Assurance - ACG12, 2009-05-11 Topics Motivation Systems Engineering Cycle Definition: the Problem Domain and the

824 views • 27 slides
Office Of fice of of Hou Housing sing Couns Counseling eling Facilitated by Booth

Office Of fice of of Hou Housing sing Couns Counseling eling Facilitated by Booth

U.S. .S. Depar Department of tment of Housing Housing and and Urban De Urban Development elopment Office Of fice of of Hou Housing sing Couns Counseling eling Facilitated by Booth Management Consulting 7230 Lee Deforest Drive,

573 views • 46 slides
CS440/ECE448 Lecture 22: Including Slides by Svetlana Lazebnik, 10/2016 Linear Classifiers

CS440/ECE448 Lecture 22: Including Slides by Svetlana Lazebnik, 10/2016 Linear Classifiers

Mark Hasegawa-Johnson, 3/2020 CS440/ECE448 Lecture 22: Including Slides by Svetlana Lazebnik, 10/2016 Linear Classifiers License: CC-BY 4.0 Linear Classifiers Classifiers Perceptron Linear classifiers in general Logistic

581 views • 45 slides
Start N, A, X- #2 Finish N, A, X- #3 Halt Halt Sit N, A, X- #4 Halt Halt Sit Down N, A,

Start N, A, X- #2 Finish N, A, X- #3 Halt Halt Sit N, A, X- #4 Halt Halt Sit Down N, A,

N, A, X- #1 Start N, A, X- #2 Finish N, A, X- #3 Halt Halt Sit N, A, X- #4 Halt Halt Sit Down N, A, X- #5 Right Turn N, A, X- #6 Left Turn N, A, X- #7 About Turn Right N, A, X- #8 About U Turn N, A, X- #9 270 o

1.05k views • 67 slides
TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES

TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES

TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES TXN/SEC CPU CORES

814 views • 63 slides
Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and

Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and

Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and Objectives Goals and Objectives CAR adopted the Forest Protocols in 2005 CAR Board directed staff in 2007 to: Initiate a stakeholder process

532 views • 25 slides
Transforming the Workplace Through Intentionality Lakesha McDay Dogwood Health Trust April 30,

Transforming the Workplace Through Intentionality Lakesha McDay Dogwood Health Trust April 30,

April 30, 2019 Transforming the Workplace Through Intentionality Lakesha McDay Dogwood Health Trust April 30, 2019 Todays Topics of Discussion What Is Diversity, Inclusion & Equity DI&E as a Growth Strategy The

391 views • 7 slides
OVERVIEW FOR 2016-17 PLAN YEAR May - June 2016 Jac kie Co wsill OE BB Co mmunic atio ns Co o

OVERVIEW FOR 2016-17 PLAN YEAR May - June 2016 Jac kie Co wsill OE BB Co mmunic atio ns Co o

OVERVIEW FOR 2016-17 PLAN YEAR May - June 2016 Jac kie Co wsill OE BB Co mmunic atio ns Co o rdinato r EE Plan Management May 16 June 17 Redesigned and Renamed Moda Medical and Vision plans Required Open Enrollment August 15

510 views • 7 slides
Translating to Equations Return to Table of Contents Slide 5 / 65 Equation An equation is a

Translating to Equations Return to Table of Contents Slide 5 / 65 Equation An equation is a

Slide 1 / 65 Slide 2 / 65 6th Grade Dependent & Independent Variables 2015-11-25 www.njctl.org Slide 3 / 65 Table of Contents Click on a topic Translating to Equations to go to that section. Dependent and Independent Variables

549 views • 22 slides

More recommend