[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [AG-TECH] AG security and multicast ?

To: "Gavin W. Burris aka 86" <ga5in@psu.edu>
Subject: Re: [AG-TECH] AG security and multicast ?
From: Derek Piper <dcpiper@indiana.edu>
Date: Mon, 11 Apr 2005 11:07:27 -0500
Cc: Dioselin Gonzalez <dioselin@purdue.edu>, ag-tech <ag-tech@mcs.anl.gov>
In-reply-to: <16986.36970.114940.21754@loki.aset.psu.edu>
References: <4253ECBF.4000408@purdue.edu> <16982.42669.702756.723450@loki.aset.psu.edu> <425A7B89.30103@indiana.edu> <16986.36970.114940.21754@loki.aset.psu.edu>
Sender: owner-ag-tech@mcs.anl.gov
User-agent: Debian Thunderbird 1.0.2 (X11/20050328)

Well, that's just it - there's a difference in how you are viewing the users. If people are participating in a conference it would be nice to just be able to simply say 'no more can join' with a click of a button. In most meetings I hold, the participants are 'trusted', i.e. they are meant to be there. Someone who is not meant to be there is easily identified. You allow people that know about the meeting in there BEFORE it starts. Then, it's in progress and they can't get in. Then, when all particpants have left or the room is explicitly 'unlocked', it becomes available again.
For truely 'secure' meetings, an attendee list is nicer/better, but for the sake of widespread use and not having to administrate EVERYONE's use of the tool for every single meeting, a simpler security method would be very useful. Personal AG nodes are going to start appearing on people desks soon, and if they have to contact a central 'group' (or person, in some cases) to add them into this specified list (so they can just have a simple meeting without people 'jumping in') then it's just not going to be used effectively. There are different uses for the AccessGrid software than large scale nodes/meetings.
Also, since shared applications were mentioned, if no more can join, then other people can't get to the instances of the shared applications that are in the venue. Then it becomes a matter of protecting the network traffic, which is a different problem.
For the most part from what I've gathered, the sort of security people want on a set of virtual 'conference rooms' is like that of a conference room. You're talking about you either have an open-door policy or you 'hire a bouncer to only let people in who's names are on a list'. Try and think about where I'm coming from on this.

Derek

Gavin W. Burris aka 86 wrote:

I think allowing anyone into a secure meeting until you "lock the
door" is a poor security model.  No need to lock the door and be
worried about who you have already let in, because it is really not
that user unfriendly to have an attendee list and add them to a secure
room with the GUI server administration tool.  If you don't do
security properly, it is just another hoop someone has to jump through
to get what you don't want them to have.

Derek Piper wrote (on Mon, 11 Apr 2005 at 08:28):
Something I've been asked about that's security related is about having the ability to 'lock' a room from within the venue client, akin to having a closed and locked door for a real conference room. Then, if the room were set up to encrypt the traffic and people couldn't just 'jump-in' it might make private meetings more attractive to those that have a need for it. Sure you can set up a room with allowing certain certificates, but that's cumbersome to have to do on a per-meeting basis if all you want is something like a bunch of 'conference rooms'. Having to have an operator tailor a room to a particular meeting isn't a very user-friendly way of doing it.
I asked a while ago on the list of a good way to do that and the response was it'd be something I'd have to do myself. If enough people think it's a feature they want, maybe we can convince the AG software writers/maintainers to add functionality?

Derek

Gavin W. Burris aka 86 wrote:
Here are two good resources:
http://multicasttech.com/
http://multicast.internet2.edu/

I get asked about security more and more now.  People are concerned that
their research will be broadcast to anyone with a multicast-enabled
network.  VIC and RAT do offer encryption keys, and that is an option
to enable with AGTk venue servers.  Rooms can have access based on
your globus certificates, too.  And AGTK uses SSL for its
client/server connections.


Would it be feasible to route multicast though a VPN for very secure
meetings?  Say, run a VPN server on the same machine that the venue
server is on, have clients connect their VPN client to it, and then
fire up AG over the encrypted tunnel?



Dioselin Gonzalez wrote (on Wed, 6 Apr 2005 at 09:05):
Hello everybody,

As part of our distance learning project, we need in-depth technical information about security mechanisms and multicast allocation in the AG. Are there any documents or papers about this?

The team will be doing low-level implementation, so we need hard-core documentation for techies :o)

Thanks,

Dio.-
--
Derek Piper - dcpiper@indiana.edu - (812) 856 0111
IRI 323, School of Informatics
Indiana University, Bloomington, Indiana

--
Derek Piper - dcpiper@indiana.edu - (812) 856 0111
IRI 323, School of Informatics
Indiana University, Bloomington, Indiana

Follow-Ups:
- Re: [AG-TECH] AG security and multicast ?
  - From: Jennifer Teig von Hoffman <jtvh@bu.edu>

References:
- [AG-TECH] AG security and multicast ?
  - From: Dioselin Gonzalez <dioselin@purdue.edu>
- Re: [AG-TECH] AG security and multicast ?
  - From: "Gavin W. Burris aka 86" <ga5in@psu.edu>
- Re: [AG-TECH] AG security and multicast ?
  - From: Derek Piper <dcpiper@indiana.edu>
- Re: [AG-TECH] AG security and multicast ?
  - From: "Gavin W. Burris aka 86" <ga5in@psu.edu>

Prev by Date: Re: [AG-TECH] AG security and multicast ?
Next by Date: RE: [AG-TECH] AG security and multicast ?
Previous by thread: Re: [AG-TECH] AG security and multicast ?
Next by thread: Re: [AG-TECH] AG security and multicast ?
Index(es):
- Date
- Thread