PandaSecurity

Panda services that interact with other Panda components and with external clients use the standard grid security model of authentication and authorization based on X509 grid certificates, implemented via OpenSSL and https. mod_gridsite is used in Panda Apache servers to support this. Clients use curl for http and https support.

All interactions with Panda that involve anything other than passive read actions require grid-authenticated https. Any user of the system (e.g. job submission via client interface, pilot requesting work) must hold a valid certificate proxy.

The DN of the authenticated user is carried as part of the metadata of a Panda job, so user identity is known and tracked throughout Panda operations. Panda-internal accounting and quota/usage management also uses this information.

Job execution inside pilots and file management currently rely on production certificates. We expect to introduce identity switching from production DN to user DN in the pilots by making use of glexec when it is available and validated for production usage.

We have also defined a means of securing the job workload specification (transformation) from tampering in the Panda DB (encryption of the transformation using RSA key pair, with decoding/validation in the pilot prior to execution).


Major updates:
-- TorreWenaus - 06 Oct 2006
Edit | Attach | Watch | Print version | History: r5 | r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2006-10-07 - TorreWenaus
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    PanDA All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback