Difference between revisions of "20.01.2012 T8.2 Conference Call"

From D4Science Wiki
Jump to: navigation, search
(Created page with "== Agenda == Time: Wednesday January 20, 2012, 16:00 - 17:00 Europe/Rome Conference call agenda: * Definition of T8.2 activities == Participants == * Pasqiale Pagano (CNR) * P...")
 
Line 7: Line 7:
 
== Participants ==
 
== Participants ==
  
* Pasqiale Pagano (CNR)
+
* Lino Pagano (CNR)
 
* Paolo Fabriani (ENG)
 
* Paolo Fabriani (ENG)
 
* Ciro Formisano (ENG)
 
* Ciro Formisano (ENG)
  
  
== Main points ==
+
== Discussion on the activities planning ==
* Revise the architecture of the current AA solution of gCube to enhance its reusability
+
* Lino: To bring in production the secure infrastructure should be the first activity of T8.2. Anyway some tests have not been completed yet, so this activity should be postponed.
** This starting phase of the project offers the possibility to plan the introduction of new technological solutions
+
* Ciro agrees with Lino about the incompleteness of the integration tests. Even part of the services  currently are not completely integrated with the secure infrastructure. For this activities ENG is ready to provide the support, as soon as it will be required.
** Most of the activities of this period have this goal
+
** The center of T8.2 should be the definition and the implementation of the Policy Infrastructure, which will manage and enforce the policies of the infrastructure
+
** The starting point of the Policy Infrastructure is what produced in D4Science, but it should be improved in coordination with WP5
+
** A guideline of the evolution of the current Policy Infrastructure could be the possibility to make more fine grained and modular policies
+
* Interoperability
+
** The secure infrastructure should be interoperable with external infrastructures, but the priorities depend on the specific infrastructure and should be evaluated step by step
+
* Federated accounting
+
** The starting point is the accounting solution developed by CERN for D4Science
+
* Data Encryption and data anonymisation will be required for some activities: references could be find in WP9
+
* Identity federation is not required
+
* Auditing currently has lowest priority
+
  
== High priorities ==
+
* Ciro asks to discuss about the activities, the priorities and the implicit requirements of the task starting from the description of provided by the DoW.
* The integration of the Scoping module with the Authorization module
+
* Starting to define the feature of the policies in order to produce a plan of evolution of the current system
+
* Put the secure infrastructure into production environment: this has not highest priorities because the integration of services is not completed
+
  
== Actions for the later stages ==
+
* Lino: The revision of the architecture of the current AA solution of gCube to enhance its re-usability is the starting point of the task activity. In fact the starting phase of the project offers the possibility to plan the introduction of new technological solutions: most of the activities performed in all the tasks of the WP in this period have this goal.
* Accounting  
+
* Encryption (depends on the requirements of WP9)
+
* Ciro: From this point of view, the security module should be isolated from the rest of the infrastructure and should became a real pluggable module. This activity should be performed in coordination of the other tasks.
 +
 
 +
* Lino: The center of T8.2 is the definition and the implementation of the Policy Infrastructure, which will manage and enforce the policies of the infrastructure. The starting point is the Argus-based security module produced in D4Science. The main problem of the current solution is that it is based on a static triple (role, action, resource), that could limit the types of policies available to manage the infrastructure. More information about the actual requirements of this topic could be find in WP5: anyway the improvement towards more dynamic policies or a more fine grained model could be an answer.
 +
 
 +
* Lino: The secure infrastructure should be interoperable with the policy management solutions offered by EMI, EGI-Inspire or EIF. The list of the infrastructures is not completed, but not all the infrastructure have real and complete security mechanisms. Therefore the activities and the priorities should be evaluated on the basis of the requirements of the specific infrastructure.
 +
 
 +
* Lino: The Accounting and the Billing are important requirements because, in a production environment, the services that a user calls could be not free. The solution applied in the project Venus-C seems to a promising candidate that could fulfill every requirement. This solution should be studied and the possibility of integration with the what was developed for D4Science (as the accounting solution developed by CERN) and what is possibly provided by other infrastructures, should be evaluated.
 +
 
 +
* Paolo: at first glance agrees with Lino about the applicability of the Venus-C solution for IMarine. There are good possibilities that further and deeper studies will confirm the adequacy of the solution.
 +
 
 +
* Lino: Auditing currently has no priority, anyway more information about the topic will be provided later.
 +
 
 +
* Lino: Some activities involve the handling of sensitive data: this fact will probably require the support of data Encryption and data anonymisation. This activities are better defined in WP9 that will be the requirements source for this activity.
 +
 
 +
* Ciro: asks if the Identity Federation could be considered an added value for the infrastructure
 +
 
 +
* Lino: Identity federation is not required
 +
 
 +
 
 +
 
 +
== Activities agreed (in order of priority)==
 +
* The '''integration of the Scoping module with the Authorization module''' is currently in progress
 +
* Starting to '''define the feature of the policies''' in coordination with WP5, in order to produce a plan of evolution of the current system
 +
* The task of '''bringing the secure infrastructure into production environment''' cannot have maximum priority because the integration of services is not completed
 +
* '''Accounting''': the possibility to re-use, totally or in part, the Venus-C solution should be evaluated
 +
* '''Encryption''': the requirements will be the product of part of the activities of WP9

Revision as of 18:10, 23 January 2012

Agenda

Time: Wednesday January 20, 2012, 16:00 - 17:00 Europe/Rome

Conference call agenda:

  • Definition of T8.2 activities

Participants

  • Lino Pagano (CNR)
  • Paolo Fabriani (ENG)
  • Ciro Formisano (ENG)


Discussion on the activities planning

  • Lino: To bring in production the secure infrastructure should be the first activity of T8.2. Anyway some tests have not been completed yet, so this activity should be postponed.
  • Ciro agrees with Lino about the incompleteness of the integration tests. Even part of the services currently are not completely integrated with the secure infrastructure. For this activities ENG is ready to provide the support, as soon as it will be required.
  • Ciro asks to discuss about the activities, the priorities and the implicit requirements of the task starting from the description of provided by the DoW.
  • Lino: The revision of the architecture of the current AA solution of gCube to enhance its re-usability is the starting point of the task activity. In fact the starting phase of the project offers the possibility to plan the introduction of new technological solutions: most of the activities performed in all the tasks of the WP in this period have this goal.
  • Ciro: From this point of view, the security module should be isolated from the rest of the infrastructure and should became a real pluggable module. This activity should be performed in coordination of the other tasks.
  • Lino: The center of T8.2 is the definition and the implementation of the Policy Infrastructure, which will manage and enforce the policies of the infrastructure. The starting point is the Argus-based security module produced in D4ScienceAn e-Infrastructure operated by the D4Science.org initiative.. The main problem of the current solution is that it is based on a static triple (role, action, resource), that could limit the types of policies available to manage the infrastructure. More information about the actual requirements of this topic could be find in WP5: anyway the improvement towards more dynamic policies or a more fine grained model could be an answer.
  • Lino: The secure infrastructure should be interoperable with the policy management solutions offered by EMI, EGI-Inspire or EIF. The list of the infrastructures is not completed, but not all the infrastructure have real and complete security mechanisms. Therefore the activities and the priorities should be evaluated on the basis of the requirements of the specific infrastructure.
  • Lino: The Accounting and the Billing are important requirements because, in a production environment, the services that a user calls could be not free. The solution applied in the project Venus-C seems to a promising candidate that could fulfill every requirement. This solution should be studied and the possibility of integration with the what was developed for D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. (as the accounting solution developed by CERN) and what is possibly provided by other infrastructures, should be evaluated.
  • Paolo: at first glance agrees with Lino about the applicability of the Venus-C solution for IMarine. There are good possibilities that further and deeper studies will confirm the adequacy of the solution.
  • Lino: Auditing currently has no priority, anyway more information about the topic will be provided later.
  • Lino: Some activities involve the handling of sensitive data: this fact will probably require the support of data Encryption and data anonymisation. This activities are better defined in WP9 that will be the requirements source for this activity.
  • Ciro: asks if the Identity Federation could be considered an added value for the infrastructure
  • Lino: Identity federation is not required


Activities agreed (in order of priority)

  • The integration of the Scoping module with the Authorization module is currently in progress
  • Starting to define the feature of the policies in coordination with WP5, in order to produce a plan of evolution of the current system
  • The task of bringing the secure infrastructure into production environment cannot have maximum priority because the integration of services is not completed
  • Accounting: the possibility to re-use, totally or in part, the Venus-C solution should be evaluated
  • Encryption: the requirements will be the product of part of the activities of WP9