[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Handle-globus] Meeting minutes... 06/02/05
Meeting minutes (6/2/05)
Topic-1: Leverage Grid
authentication for handle administration
- Problem Description
Client
-- A
Grid Service -- B
HS Server --
C
1. A send
handle administrative request to B
2. B
authenticates A
3. Upon
successful authentication, B forward A?s request to C
4. C
honors B?s authentication on A, and fulfills C?s request after
authorization
check on A.
- Problem
Discussion
The handle
system is designed to allow other authentication schemes to be used instead of
its build-in mechanism. The stated problem can be an example of such scenario.
Implementation details of such feature remain to be investigated, as well as
ways to integrate it with the Grid authentication
mechanism.
Topic-2: Protocol mapping from SAML, XDMS to
Handle namespace
- Problem Description
Protocols like SAML, XDMS, and
WSRF make frequent exchange of attribute-value pairs over pre-assumed
subjects.
- Problem Discussion
Frank suggests to map URI used in
these protocols into handle data types Values referred to by any URI can thus
map to the handle value of the type named after the URI. Assume that the
subject of these attributes is mapped to a handle, one can now resolve any
subject attribute from the Handle System based on the data type base on its
URI ?type?.
Topic-3: Protocol
mapping from SAML, XDMS to Handle namespace
- Problem Description
Mapping of different namespaces
into the handle system, without causing namespace confliction.
- Problem Discussion
Each namespace can be assigned a
unique pre-prefix. For example,
DNS.<DNS-namespace>
DN.<DistinguishedNames>
WSRF.<URI>
Other Work Items:
- CVS setup for Handle-Globus distribution
- Update HDL6.1 and deposit in CVS
- WIKI setup for project discussion
- Better packaging and documentation for the grid-handle demo
code
- GT4 installation and integration with grid-handle
service