OGSA Security session
=====================

OGF-19, Chapel Hill, NC


Introduction
============
- Andrew Grimshaw welcomes the audience and outlines the sessions agenda
- Andrew introduces the session's topic

Alan Sill, TTU
==============
- Andrew introcudes the audience to his view on security
- Goals should be
  -- immediate (short term) goals for OGSA
  -- Reach an understanding how to refer to OGSA security in related documents
- OGSA Security is a subset of OGF Security Ares
- OGSA Security lives within the context of OGSA
- Marty Hmphrey (OGSA-HPCP) insists that HPCP does not conflict with 
  OGSA security profiles
- Andrew points out that being compliant wooth OGSA does not exist per se
  -- Instead, it is compliance with a set or, for that matter, a subset of 
     OGSA profiles

Open discussion
===============
- The group discusses openly the issues around OGSA security
- A plethora of groups and standards (e.g. on levels of assurance) are already
  available - how is the expected reference and collaboration with those groups?
- The Grid may be in the situation noow the Internet has been earlier in that 
  we need something that *every* Grid must implement in terms of security even
  if insecure (refer to telnet and Internet)
- Instantiation of an activity on BES needs the relevant security information 
  attached as annotations in some form.
  -- There are examples of existing solutions that allow any security framework
     be orthogonally attached to the guarded service
- The biggest rub with shortterm goals is the missing definition and notion 
  of delegation
- Is a Standards body such as OGF or for that matter, OGSA, an appropriate place
  to define seccurity protocols?
- Should OGSA rather provide a framework where one can plug in security 
  mechanisms as appropriate and required by the implemented requirements?
- Regardless whether computational or data grids, security has the identical 
  scope

Action Items
============
- Develop basic, short-term use-cases  || MUST manage scope creep
  (Andrew Grimshaw)
- Develop profile to supprt use-cases  || MUST manage scope creep
  (Andrew Grimshaw)
- Refine profile for username/password in OGSA context
  (Alan Sill)
- Complete OGSA-AuthN roadmap
  (Alan Sill)
- Glossary
- Develop richer use-cases and extract requirements
  (Hiro Kishimoto)
-