Скачать презентацию The EU Grid PMA David Kelsey CCLRC RAL d Скачать презентацию The EU Grid PMA David Kelsey CCLRC RAL d

e8fc24bb6a4084125a8a7261d01467ff.ppt

  • Количество слайдов: 6

The EU Grid PMA David Kelsey CCLRC/RAL d. p. kelsey@rl. ac. uk 16 April The EU Grid PMA David Kelsey CCLRC/RAL d. p. kelsey@rl. ac. uk 16 April 2004, Dublin

The EU Grid PMA “Policy Management Authority” · Continues from the EDG CACG www. The EU Grid PMA “Policy Management Authority” · Continues from the EDG CACG www. eugridpma. org · Defines Minimum requirements and Best practices · Accredits Authorities · General authentication – not just PKI · Members · Accredited Authorities · Major relying parties (EGEE, DEISA, SEE-GRID, LCG, …) · TERENA (TACAR) · 1 st meeting – April 2004 – Florence (INFN) · Charter approved · David Groep (NIKHEF) appointed as Chair David Kelsey – The EU Grid PMA – 16 Apr 2004 e. IRG meeting, Dublin- 2

EU Grid PMA coverage · Most countries in Europe have a national CA · EU Grid PMA coverage · Most countries in Europe have a national CA · “Catch-all” for EGEE (France) and SEE-GRID for S. East · Green: CA Accredited · Yellow: being discussed Other Accredited CAs: · · · · · David Kelsey – The EU Grid PMA – 16 Apr 2004 Do. EGrids (USA) Grid. Canada ASCCG (Taiwan) Arme. SFO (Armenia) CERN Russia (LCG) FNAL Service CA (USA) Israel Pakistan e. IRG meeting, Dublin- 3

Authentication Policy Guidelines · Wherever possible · No more than one CA per country Authentication Policy Guidelines · Wherever possible · No more than one CA per country · Aim for widest possible cover · PMA does not provide identity assertions · Certificates issued meet or exceed the guidelines · Identity for Grid/e. Science Authentication only · No support of data encryption or nonrepudiation · No support for financial transactions · No liability! David Kelsey – The EU Grid PMA – 16 Apr 2004 e. IRG meeting, Dublin- 4

Policy Guidelines (2) · A single authoritative source for verifying roots of trust is Policy Guidelines (2) · A single authoritative source for verifying roots of trust is needed (see TACAR) · We must work in the global arena (GGF & gridpma. org) · GSI imposes technical constraints which must be met · The PMA is mainly technical · Development needs technical experts David Kelsey – The EU Grid PMA – 16 Apr 2004 e. IRG meeting, Dublin- 5

Endorsement of the EUGrid. PMA The EU Grid Policy Management Authority (PMA) http: //www. Endorsement of the EUGrid. PMA The EU Grid Policy Management Authority (PMA) http: //www. eugridpma. org/ a group of as mutually trusted Certification Authorities ( is CAs), instrumental for the security infrastructure of current GRID projects in the global arena. An endorsement by the e. IRG of the EUGrid. PMAwill be a concrete first step towards common EU polices for authentication for resource access and sharing for e-science. David Kelsey – The EU Grid PMA – 16 Apr 2004 e. IRG meeting, Dublin- 6