ARGUS-EES v.0.0.10

Release Notes

This is the initial release of the Execution Environment Service (EES).

The role of the EES is to ensure that an appropriate site-specific execution environment is procured based on the site-agnostic obligations and attributes it receives as input in the form of SAML2-XACML2 requests. It runs as a standalone service, responding to requests from a Policy Enforcement Point (PEP) which have been augmented with information from a Policy Decision Point (PDP).

From the outside, the EES can be viewed as an obligation transformer; for example it can be used to transform a site-agnostic obligation for a local account mapping to a site-specific obligation for on-demand virtual machine deployment.

To integrate the EES with an existing Argus installation, a separate component called the EES Obligation Handler should be configured in the PEP daemon. For more details regarding integration in Argus, please see the documentation for this component. The EES itself ships with a pre-configured transformer plug-in which extracts PDP data from the SAML2-XACML2 environment attributes. This plug-in is not required when PDP data is not transmitted to the EES.

The EES Obligation Handler is tested with the Argus 1.3 PEPd and performs a network call-out to the EES service.

List of RFCs

Documentation

Artefacts

Binary
ees-pepd-oh-0.0.4-1.sl5.noarch
ees-0.0.10-2.sl5.x86_64
saml2-xacml2-c-lib-1.0.1-1.sl5.x86_64

-- EmidioG - 04-May-2011

Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r2 - 2011-05-05 - EmidloGiorgioExCern
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EMI All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback