[jira] [Commented] (AIRAVATA-1624) [GSoC] Securing Airavata API

Sat, 07 Mar 2015 15:03:07 -0800 

    [ 
https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14351826#comment-14351826
 ] 

Suresh Marru commented on AIRAVATA-1624:
----------------------------------------

Hi Hasini,

Thank you for these details. Yes the scenario 4 approach you say makes sense. I 
fully feel comfortable with what you are proposing, I still have some 
implementation questions, but as such the design seem to cater to what Airavata 
needs now. Your WSO2IS internal working knowledge should greatly help with this 
effort.

Please proceed to prepare your GSoC applications. The final destination of this 
should be in the google melenge system. But we also prefer to have you publicly 
copy on Airavata Wiki. Since the applications do not open for a week, you can 
start on the wiki - 
https://cwiki.apache.org/confluence/display/AIRAVATA/%5BGSoC+Proposal%5D+Securing+Airavata+API
 (this is just a template, you can modify it as you like).

All the best with your project,
Suresh

 

> [GSoC] Securing Airavata API
> ----------------------------
>
>                 Key: AIRAVATA-1624
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-1624
>             Project: Airavata
>          Issue Type: New Feature
>          Components: Airavata API
>            Reporter: Suresh Marru
>              Labels: gsoc, gsoc2015, mentor
>         Attachments: Securing_ARAVATA_API_V1.pdf
>
>
> Apache Airavata uses Thrift based API's for external facing API's and for 
> system internal CPI's. The API's need to be secured adding authentication and 
> authorization capabilities. 
> The Authentication need to ensure only approved users/clients can 
> communicate. Similarly clients should only interact with valid servers. 
> Authorization need to be enforced to ensure only users with specific roles 
> can appropriately access specific API's. As an example, administrative roles 
> should be able see all the users experiments where as end users can only see 
> his/her data and not access other information (unless explicitly shared). 
> Earlier GSoC project focused on this topic has relavent discussion. 
> https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to