Slide 1
SIMDAT Authentification and Autorisation
Matteo Dell’Acqua
ET-CTS meeting, Toulouse, 26-30 May 2008
Slide 2
VGISC security requirements
– Confidentiality: user information, sensitive data
– Data integrity
– User authentication
– Authorisation
– PKI
– Trust: trust domains, user roles, data policies
Slide 3
Virtual Organisation Principles
[Diagram: nodes A, B, C, D, E and F]
Slide 4
Creation of trust domains
[Diagram: nodes A, B, C, D, E and F grouped into the trust domains VGISC1 and VGISC2]
Agreement on user roles and data policies
Slide 5
Exchange of public keys
Data integrity, non-repudiation
[Diagram: nodes A, B, C, D, E and F in VGISC1 and VGISC2 exchanging public keys]
Slide 6
B publishes a dataset with data policy VGISC1.researcher
[Diagram: VGISC1 and VGISC2; the dataset at B is labelled VGISC1.researcher]
Slide 7
A registers John Smith with the VGISC1.researcher role
[Diagram: John Smith at A is labelled VGISC1.researcher; the dataset at B is labelled VGISC1.researcher]
Slide 8
John Smith wants to access a dataset in B
[Diagram: John Smith at A (VGISC1.researcher), dataset at B (VGISC1.researcher)]
JS logs in to A and issues the request
Slide 9
John Smith wants to access a dataset in B
[Diagram: John Smith at A (VGISC1.researcher), dataset at B (VGISC1.researcher)]
A adds the user role VGISC1.researcher to the request and signs it with its private key, then sends it to B
Slide 10
John Smith wants to access a dataset in B
[Diagram: John Smith at A (VGISC1.researcher), dataset at B (VGISC1.researcher)]
– B checks the signature of A against the known public keys.
– B checks whether A is a member of VGISC1. B trusts A to tell the truth about the user's role.
– B checks the role against the data policy.
Slide 11
Li Yang is a registered user with D, with the role VGISC2.researcher
[Diagram: Li Yang at D (VGISC2.researcher), dataset at B (VGISC1.researcher)]
Slide 12
Li Yang wants data from B
[Diagram: Li Yang at D (VGISC2.researcher), dataset at B (VGISC1.researcher)]
LY logs in to D and issues the request
Slide 13
Li Yang wants data from B
[Diagram: Li Yang at D (VGISC2.researcher), dataset at B (VGISC1.researcher)]
D adds the user role VGISC2.researcher to the request, signs it with its private key and sends it to B
Slide 14
Li Yang wants data from B
[Diagram: Li Yang at D (VGISC2.researcher), dataset at B (VGISC1.researcher)]
B checks the signature of D against the known public keys. D is either unknown, or not part of VGISC1. Access is denied.
Slide 15
John Smith requests a certificate
[Diagram: John Smith at A (VGISC1.researcher), dataset at B (VGISC1.researcher)]
JS logs in to A and requests a certificate
Slide 16
John Smith exports his certificate
[Diagram: John Smith's certificate: VGISC1.researcher, signed by A; dataset at B (VGISC1.researcher)]
The certificate is created, contains the user's roles and is signed by A
Slide 17
A is down. John Smith logs in to C with his certificate
[Diagram: John Smith's certificate: VGISC1.researcher, signed by A; dataset at B (VGISC1.researcher)]
JS logs in to C with the certificate issued by A
Slide 18
A is down. John Smith logs in to C with his certificate
[Diagram: John Smith's certificate: VGISC1.researcher, signed by A; dataset at B (VGISC1.researcher)]
– C checks the signature of A against A's public key.
– C checks whether A is a member of VGISC1.
– C adds the roles signed by A to the request. C also signs the request.
– The request is sent to B.
Slide 19
A is down. John Smith logs in to C with his certificate.
[Diagram: John Smith's certificate: VGISC1.researcher, signed by A; dataset at B (VGISC1.researcher)]
– B checks the signatures of A and C against the known public keys.
– B checks that A and C are members of VGISC1. B trusts A to tell the truth about the user's role.
– B checks the role against the data policy.
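The flows on slides 8 to 19 share one verification path at the data owner, so the following is a single runnable model of all of them. It is an added example written for this page, not SIMDAT code: textbook RSA over Mersenne primes stands in for the X.509 PKI and is not secure (tiny moduli, no padding, primes shared between keys), the domain membership of E and F is not modelled, and the dataset name, the JSON message layout and the forged-certificate case are assumptions. The node names, users, roles and policy string are the ones on the slides.

```python
"""Model of the signed-request flow on slides 8-19: the user's home node
asserts the roles it registered, the node the user logged in to signs the
request, and the data owner verifies both signatures against the public keys
exchanged in its trust domain (slide 5), checks domain membership, and finally
matches the roles against the dataset's 'domain.policy' (slide 22).
Added example, not SIMDAT code. The RSA below is an insecure toy."""
import hashlib
import json

E = 65537                                                # public exponent
M = {89: 2**89 - 1, 107: 2**107 - 1, 127: 2**127 - 1}    # Mersenne primes

def make_key(p, q):
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "d": pow(E, -1, phi)}                # n public, d private

def digest(msg: bytes) -> int:
    # 192-bit truncation keeps the value below every toy modulus (all > 2**195)
    return int.from_bytes(hashlib.sha256(msg).digest()[:24], "big")

def sign(key, msg: bytes) -> int:
    return pow(digest(msg), key["d"], key["n"])

def verify(n: int, msg: bytes, sig: int) -> bool:
    return pow(sig, E, n) == digest(msg)

KEYS = {"A": make_key(M[127], M[89]), "C": make_key(M[127], M[107]),
        "D": make_key(M[107], M[89])}                    # B only verifies here
PUBLIC = {node: k["n"] for node, k in KEYS.items()}
DOMAINS = {"VGISC1": {"A", "B", "C"}, "VGISC2": {"D"}}   # E, F: assumed absent
USERS = {"A": {"John Smith": {"VGISC1.researcher"}},     # slide 7
         "D": {"Li Yang": {"VGISC2.researcher"}}}        # slide 11

def keyring_of(node: str) -> dict:
    """Public keys a node holds after slide 5: those of its domain peers."""
    return {peer: PUBLIC[peer] for members in DOMAINS.values() if node in members
            for peer in members if peer in PUBLIC}

def canonical(body: dict) -> bytes:
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def signed(node: str, body: dict) -> dict:
    return {"body": body, "signer": node, "sig": sign(KEYS[node], canonical(body))}

def signer_of(env: dict, keyring: dict):
    """Signer name if the signature verifies under a key in keyring, else None."""
    n = keyring.get(env["signer"])
    return env["signer"] if n and verify(n, canonical(env["body"]), env["sig"]) else None

def role_assertion(home: str, user: str) -> dict:
    """Home node asserts the roles it registered (slides 9, 13 and the slide 16 certificate)."""
    return signed(home, {"user": user, "roles": sorted(USERS[home].get(user, ()))})

def relay_request(node: str, assertion: dict, dataset: str) -> dict:
    """The node the user logged in to verifies the assertion against its own
    keyring (slide 18: signature and issuer is a domain peer), then signs the request."""
    if signer_of(assertion, keyring_of(node)) is None:
        raise ValueError(f"{node}: role assertion does not verify")
    return signed(node, {"dataset": dataset, "assertion": assertion})

def authorise(request: dict, policy: str, keyring: dict) -> tuple:
    """Data owner's decision (slides 10, 14, 19) for a dataset whose data policy
    is 'domain.policy'. Returns (granted, reason)."""
    domain = policy.split(".", 1)[0]
    members = DOMAINS.get(domain, set())
    relay = signer_of(request, keyring)
    if relay is None:
        return False, f"request signer {request['signer']} unknown or signature invalid"
    if relay not in members:
        return False, f"{relay} is not a member of {domain}"
    assertion = request["body"]["assertion"]
    issuer = signer_of(assertion, keyring)
    if issuer is None:
        return False, f"role issuer {assertion['signer']} unknown or signature invalid"
    if issuer not in members:
        return False, f"{issuer} is not a member of {domain}"
    user, roles = assertion["body"]["user"], assertion["body"]["roles"]
    if policy not in roles:                  # a peer's role claim is trusted as-is
        return False, f"{user} holds {roles}, policy requires {policy}"
    return True, f"{user} granted via {relay}, roles asserted by {issuer}"

def demo() -> dict:
    """Replay the slides against B's dataset with data policy VGISC1.researcher."""
    policy, ring_b = "VGISC1.researcher", keyring_of("B")
    js, ly = role_assertion("A", "John Smith"), role_assertion("D", "Li Yang")
    out = {"js_via_a": authorise(relay_request("A", js, "B/ds1"), policy, ring_b),
           "ly_unknown": authorise(relay_request("D", ly, "B/ds1"), policy, ring_b),
           # slide 14's other branch: B does know D's key, but D is outside VGISC1
           "ly_foreign": authorise(relay_request("D", ly, "B/ds1"), policy,
                                   {**ring_b, "D": PUBLIC["D"]}),
           # slides 17-19: A is down, JS presents A's certificate to C
           "js_via_c": authorise(relay_request("C", js, "B/ds1"), policy, ring_b)}
    # assumed abuse case: JS edits the roles in his exported certificate
    forged = {**js, "body": {**js["body"], "roles": ["VGISC1.admin"]}}
    try:
        relay_request("C", forged, "B/ds1")
    except ValueError as err:
        out["forged"] = (False, str(err))
    return out

if __name__ == "__main__":
    for name, (granted, reason) in demo().items():
        print(f"{name:11} {'GRANT' if granted else 'DENY '} {reason}")
```

The order of checks matters: B verifies the signature before it consults membership or policy, so an unknown signer (the first branch on slide 14) is rejected before any role string is read, and a domain peer can vouch for roles only inside the domain named in the policy. The forged case shows why the certificate on slide 16 is useful even though the user can read it: changing the roles breaks A's signature and C refuses to relay it.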
Slide 20
SIMDAT allows other trust domains to be created
[Diagram: nodes A, B, C, D, E and F in VGISC1 and VGISC2, plus a further trust domain, Project X]
Slide 21
SIMDAT allows other trust domains to be created
[Diagram: nodes A, B, C, D, E and F in VGISC1 and VGISC2, plus the trust domains Project X and "WMO?"]
Slide 22
Development status
Development of the Domain Authority: Authorization Engine
– Support for domains
  • X.509 certificates used to check exchanged messages and security tokens [use of a PKI with several CAs]
– Support for attribute certificates containing the user's roles
  • SAML tokens
  • Support for data policies qualifying the datasets. They have two components: domain.policy
– Development of a user database on each node to locally manage the users and roles
  • Users only known at DWD will access some datasets at Meteo-France
Slide 23
Development status
Development of tools to manage the VO
– Web admin interface for the node
  • Create/delete domain, add/remove domain member
  • Import domain members' certificates in
  • Add/create user
  • Add/remove user's roles
– Development of command-line tools offering the same services as the web interface
Use of NTP to synchronize all the Catalogue Nodes
– To always deliver valid SAML tokens
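Why the NTP bullet belongs on a security slide: a SAML assertion is only accepted inside its Conditions window, so a catalogue node whose clock runs ahead mints tokens whose NotBefore lies in the consumer's future, and the consumer rejects them. The check below is an added example, not SIMDAT code. The assertion XML is constructed here, the 60-second skew tolerance and the audience check are assumptions (the SAML 2.0 specification leaves the tolerance to the deployment), and whole-second UTC timestamps are assumed.

```python
"""SAML 2.0 Conditions check with a clock-skew tolerance, showing the effect
of unsynchronised issuer clocks. Added example, not SIMDAT code."""
from datetime import datetime, timedelta, timezone
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed assertion: issuer A vouches for John Smith's role towards node B
ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-example" Version="2.0" IssueInstant="{issued}">
  <saml:Issuer>A</saml:Issuer>
  <saml:Subject><saml:NameID>John Smith</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="{nb}" NotOnOrAfter="{na}">
    <saml:AudienceRestriction><saml:Audience>B</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="role"><saml:AttributeValue>VGISC1.researcher</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def to_utc(s: str) -> datetime:
    # xs:dateTime in UTC with whole seconds is assumed (no fractional part)
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def fmt(t: datetime) -> str:
    return t.strftime("%Y-%m-%dT%H:%M:%SZ")

def mint(issuer_clock: datetime, lifetime=timedelta(minutes=5)) -> str:
    """Issuer stamps the window from its own clock; drift goes straight into NotBefore."""
    return ASSERTION.format(issued=fmt(issuer_clock), nb=fmt(issuer_clock),
                            na=fmt(issuer_clock + lifetime))

def validate(xml_text: str, audience: str, now: datetime,
             skew=timedelta(seconds=60)) -> tuple:
    """Consumer-side check of Conditions. Returns (accepted, reason)."""
    cond = ET.fromstring(xml_text).find("saml:Conditions", NS)
    if cond is None:
        return False, "no Conditions element"
    not_before, not_on_or_after = to_utc(cond.get("NotBefore")), to_utc(cond.get("NotOnOrAfter"))
    if now + skew < not_before:
        return False, f"not yet valid: NotBefore is {not_before - now} ahead of our clock"
    if now - skew >= not_on_or_after:
        return False, "expired"
    audiences = {a.text for a in cond.iterfind("saml:AudienceRestriction/saml:Audience", NS)}
    if audiences and audience not in audiences:
        return False, f"token restricted to {sorted(audiences)}, not {audience}"
    return True, "accepted"

def demo() -> dict:
    """B's clock is the reference; the issuer's clock is offset per scenario."""
    b_now = to_utc("2008-05-26T10:00:30Z")
    return {
        "synced": validate(mint(b_now - timedelta(seconds=30)), "B", b_now),
        "drift_30s": validate(mint(b_now + timedelta(seconds=30)), "B", b_now),
        "drift_3min": validate(mint(b_now + timedelta(minutes=3)), "B", b_now),
        "wrong_audience": validate(mint(b_now - timedelta(seconds=30)), "C", b_now),
        "expired": validate(mint(b_now - timedelta(minutes=6)), "B", b_now),
    }

if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:15} {'OK  ' if ok else 'FAIL'} {reason}")
```

A skew tolerance only absorbs drift smaller than itself; the three-minute case is rejected even though the token is otherwise good, which is the failure NTP on every catalogue node prevents. Widening the tolerance instead would also extend every token's usable lifetime, so the tolerance should stay small and the clocks synchronised.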
Slide 24
Conclusion
There is a need to have different authorization schemes
– Some datasets will be accessible once the terms and conditions have been accepted
  • Fairly weak security: users will self-register
  • The portal automatically associates some roles with the user once the user has agreed to the terms and conditions
– Some datasets have to be very well protected and only accessible to a number of registered users
  • High level of security: an admin will register the users and associate roles with these users
There might be a need to support several Authz token formats