Changes between Version 2 and Version 3 of SecurityArchitecture
- Timestamp:
- 05/28/12 16:08:02 (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
SecurityArchitecture
v2 v3 3 3 * Only one service (QCG-Computing) must be started with root privileges. However it adheres privilege separation model (similar to OpenSSH), thus actually only a very small amount of code is running with root privileges. Moreover most of the crucial operations (job submission, stage-in/stage-out operations) are performed as target local user so even breaking the service would not give attacker any more privileges that he already has. 4 4 * Any authorization decision is based on provided credentials, not the trust relationship between components. 5 * The QosCosGrid stack operation model requires static accounts instead of mapping user credential to a one of pool account (which later might be reused by some other user) thus preventing one user from storing malicious content.5 * The !QosCosGrid stack operation model requires static accounts instead of mapping user credential to a one of pool account (which later might be reused by some other user) thus preventing one user from storing malicious content. 6 6 7 7 = Architecture =
