Difference between revisions of "CLARIN/Security for web services"

From PDP/Grid Wiki
Jump to navigationJump to search
Line 6: Line 6:
  
 
=== Open ===
 
=== Open ===
All services trust each other. No technical security measures (other than, possibly, blocking complete strangers); managable upto ~15 services [REF NEEDED]
+
All services trust each other. No technical security measures (other than, possibly, blocking complete strangers); managable upto ~15 services [TODO ref needed]
  
 
=== Shibboleth + delegation ===
 
=== Shibboleth + delegation ===

Revision as of 13:32, 23 March 2011

  • ISOcat registry
  • CMDI, component metadata infrastructure


Approaches

Open

All services trust each other. No technical security measures (other than, possibly, blocking complete strangers); managable upto ~15 services [TODO ref needed]

Shibboleth + delegation

Shibboleth is already used for federated authentication. It has ECP support with delegation, though only through a plugin. The next major IdP release may include it though.

One cannot expect each IdP to install this plugin, or to have an up-to-date version [TODO check if this is the case with Shibboleth version policies]. Therefore this option is not viable.

SAML ECP

OAuth 1.0

OAuth 2.0

Links

Standards

Libraries

Federations

Other