EMI Pseudonymity Service Reference Card

Service Reference Card (Pseudonymity Service 1.1.0 for EMI-2)

  • Functional description: Hides users' real identity behind a pseudonymous identity
  • Services running:
    • Java application org.glite.pseudo.standalone.PseudonymityService
  • Init scripts and options:
    • /etc/init.d/pseudonymity-service {start|stop|status|restart}
  • Configuration files location with example:
    • Config directory: /etc/pseudonymity/server
    • Logging directory: /var/log/pseudonymity/server
      • Logging configuration: /etc/pseudonymity/server/logging.xml
  • Open ports:
    • Service port: *:8443
    • Admin port: localhost:8444
  • Possible unit test of the service: None
  • Where is service state held (and can it be rebuilt): The service state is in memory, no persistency provided.
  • Cron jobs: None
  • Security information
    • Access control mechanism (authentication & authorization):
      • Authentication: SSL/TLS client authentication on the service port
      • Authorization: Configured in the configuration file (subject DN and/or VOMS attributes)
    • How to block/ban a user
      • Not suppoted, except via certificate revocation
    • Network Usage
      • TCP traffic to the service port, outgoing TCP traffic to the online CA, attribute authority and possibly audit database.
    • Firewall configuration
      • The service port should be open for TCP traffic.
    • Security recommendations
    • Security incompatibilities
    • List of externals (packages are NOT maintained by Red Hat)
    • Other security relevant comments
  • Utility scripts: None
  • Location of reference documentation for users:
  • Location of reference documentation for administrators:
Edit | Attach | Watch | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r4 - 2012-04-26 - HenriMikkonen
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EMI All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback