SSO authentication: a new approach
gtr at ast.cam.ac.uk
Wed Mar 9 09:10:14 PST 2005
The 2004 discussions of single-sign-on authentication stalled due to
disagreements and misunderstanding about the trust model. Since then, there
have been other discussions about this (in AstroGrid and in EuroVO-VOTech and
among the GWS members discussing VOStore). From this, I've synthesized a trust
model that seems to work and which defines the architecture of an SSO system
that we could use. Here's the initial document:
(VOTech and AG people: it's compatible with what I said at the DS-3 meeting.)
(VOStore people: it's a poshed-up version of what we discussed earlier this
If this finds favour, then I'll write it up as an IVOA document.
It would be good if we could get some consensus on this trust model and
excellent if it could be agreed by or during the Kyoto interop.
Please note that the trust model sets the requirements for the SSO protocols.
Until we sort out the trust model we can't sort out SSO.
Guy Rixon gtr at ast.cam.ac.uk
Institute of Astronomy Tel: +44-1223-337542
Madingley Road, Cambridge, UK, CB3 0HA Fax: +44-1223-337523
More information about the grid