Functional Description

The Argus Authorization Service renders consistent authorization decisions for distributed services (e.g., user interfaces, portals, computing elements, storage elements). The service is based on the XACML standard, and uses authorization policies to determine if a user is allowed or denied to perform a certain action on a particular service.

The Argus Authorization Service is composed of three main components:

Policy Administration Point (PAP)
Provides the tools to author authorization policies, organize them in the local repository and configure policy distribution among remote PAPs.
Policy Decision Point (PDP)
Implements the authorization engine, and is responsible for the evaluation of the authorization requests against the XACML policies retrieved from the PAP.
Policy Enforcement Point Server (PEP Server)
Handles the authorization requests received from the PEP client, and ensures the integrity and consistency. Configurable policy information points (PIP) can transform or complete the incoming requests. Oobligation handlers (OH) can be applied to the resulting response.
Policy Enforcement Point client (PEP client)
Lightweight PEP client libraries are also provided to ease the integration and interoperability with other EMI services or components.

The following graphic shows the interaction between the components of the service:

Argus Service Components

Note: In Argus, the PEP is separated in a client/server architecture. The PEP Server handles the lightweight PEP client requests, and runs on the Argus node.

Please have a look to the Argus Authorization Service twiki for more information and documentation

System Administrator Documentation

User Documentation

N/A: The Argus Authorization Service is a middleware component, and not intended for end users.

Topic attachments
I Attachment History Action Size Date Who Comment
PDFpdf EMI-Argus-SRC-1.1.0.pdf r1 manage 445.2 K 2013-02-21 - 13:01 ValeryTschoppExCern EMI Argus Service Reference Card 1.1.0
PDFpdf EMI-Argus-SysAdminGuide-1.1.0.pdf r1 manage 1005.0 K 2013-02-26 - 15:01 ValeryTschoppExCern EMI Argus System Administrator Guide 1.1.0
Edit | Attach | Watch | Print version | History: r8 < r7 < r6 < r5 < r4 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r8 - 2013-02-26 - ValeryTschoppExCern
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EMI All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback