
Theme8 Second Workshop Position Statements


Trust and Security in Virtual Communities

POSITION STATEMENTS/TITLES & ABSTRACTS Second Workshop: Usability and Interoperability in AuthN/AuthZ

Oxford, May 8th and 9th 2008


It might be helpful if you tried to answer the following questions in relation to your work:

1. Compared to other issues, how important do you think usability is for your users/project/community? Are there "show stopping" issues right now? How significant a barrier to take-up is the perceived difficulty of using the system(s)?

2. How closely linked are usability and interoperability? How can both be improved without introducing complexity? What are the greatest impediments to improvement in this area?

3. What does eScience security have to learn from other online communities in this area? How can security be "good enough", and an "enabler" rather than an "impediment"?




Richard Sinnott

Compared to other issues, how important do you think usability is for your users/project/community?

Pretty much essential. Given that security and getting a certificate is the starting point for most mainstream Grids à la NGS, this has to be removed for less cluster/Globus-savvy communities, i.e. the vast majority of folk out there. Shibboleth is the way to go in my opinion, but even there we are on a moving target with moves from SAML -> SAML 2.0. It also depends on the communities. Thus the electronics folk in nanoCMOS are happy with running large scale jobs through gLite/Resource Brokers/GANGA (they have now clocked up over 250,000 jobs on ScotGrid) but others don't want access to a cluster for some compute intensive task. They want access to data resources that are distributed and messy and services that tie these together etc.

Are there "show stopping" issues right now? How significant a barrier to take-up is the perceived difficulty of using the system(s)?

Show stoppers are making it simple and offering content/services which users can find, and point / click / run rather than expecting users to install Globus, get certificates and grid-proxy-init. We also need to consolidate on best practice rather than jumping on the next new idea.

How closely linked are usability and interoperability? How can both be improved without introducing complexity? What are the greatest impediments to improvement in this area?

Standards for interoperability are now getting there and folk are implementing them. They need stress testing which we are looking at right now through projects such as VPman. Usability for me is key to end users - hence our Shibboleth focus. There are issues with usability for administrators that need to be considered though. It is not so easy to define and enforce security policies with the numerous flavours of authorisation software out there. Also many folk don't just want secure access to a service but often at what lies beneath, e.g. subsets of the data that a service might make available. Specifying security policies on access to subsets of the contents of a database is non-trivial since you end up nearly repeating what the DBMS is designed to do. This is especially challenging when data sets are evolving - which they ~always are!

What does eScience security have to learn from other online communities in this area? How can security be "good enough", and an "enabler" rather than an "impediment"?

Probably lots. I am more focused on getting Grid security working and hardened, though, through the various projects at NeSC. Other things like DRM for example, or Web 2.0 approaches like OpenID are interesting but I am wary of them being a distraction from getting the job done. Security will also be an enabler when it is ~hidden from end users.

Angela Sasse and Philip Inglesant

Our talk is tentatively entitled "Usability & security in the specification of access control policies", and it's based on our experiences in interviewing Grid administrators and users and evaluating a controlled natural language editor (part of PERMIS) for specifying authorisation policies based on our findings. So, it's about AuthZ rather than AuthN, and particularly specification - and policy-based access control, with an interesting sideview on the use of controlled natural language.

Compared to other issues, how important do you think usability is for your users/project/community?

Our research is with users in many different e-science applications rather than for one community in particular. Across the spectrum of applications, usability is a key issue for specification of access control policies - to the extent that many Grid resource owners avoid it as far as possible, or apply the most basic approach. Although policy-based access control - PERMIS is based on RBAC - seems to be the way forward for scalability and maintainability, many Grid resource owners don't understand these access control models. The challenge is to enable them to express policies without understanding RBAC, or with only a basic understanding of it.

How closely linked are usability and interoperability?

Our view is that usability and security are not necessarily mutually antagonistic - usable security is more likely to be applied. Using a common standard and policy-based access control should improve interoperability but the models are not well understood, as we've said.

What does eScience security have to learn from other online communities in this area?

We also work in usable security in many other areas - not only Grid/e-Science. For example, the sophisticated privacy and security requirements of social networking sites - security controls are available, but often left to default because they are hard to find, and don't provide all the controls users might expect - yet they are nevertheless hard for users to understand. There are obvious parallels with Grid security which goes beyond traditional decentralised and r/w/x permissions.
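Two of the statements above touch the same mechanism from different sides: Sinnott notes that restricting access to subsets of a database "ends up nearly repeating what the DBMS is designed to do", and Sasse and Inglesant describe PERMIS-style policy-based access control built on RBAC that resource owners struggle to express. The following is an added illustration, not code from PERMIS, NGS or any of the projects named on this page: a minimal RBAC evaluator with a role hierarchy, where the per-role data-subset restriction has to be written as a row predicate. The role names, resource name, sample rows and policy entries are all constructed assumptions.

```python
"""Minimal RBAC evaluator with role hierarchy and row-level restrictions.

Added illustration; not PERMIS's or any Grid project's code. All role names,
the resource name, the sample rows and the policy are assumptions.
"""
from typing import Any, Callable, Dict, List, Set, Tuple

# Role hierarchy (assumed): a role inherits every permission of the roles
# it dominates, so "pi" holds everything "researcher" and "guest" hold.
ROLE_HIERARCHY: Dict[str, Set[str]] = {
    "pi": {"researcher"},
    "researcher": {"guest"},
    "guest": set(),
}

Row = Dict[str, Any]
Predicate = Callable[[Row], bool]

# Policy: (role, action, resource) -> predicate selecting the rows the role
# may touch. The predicate is exactly the "repeat what the DBMS does" part:
# it re-expresses a WHERE clause inside the authorisation policy.
POLICY: Dict[Tuple[str, str, str], Predicate] = {
    ("guest", "read", "nanocmos_results"): lambda row: row["public"],
    ("researcher", "read", "nanocmos_results"): lambda row: row["project"] == "nanoCMOS",
    ("pi", "write", "nanocmos_results"): lambda row: True,
}

# Constructed sample rows standing in for a results table.
ROWS: List[Row] = [
    {"id": 1, "project": "nanoCMOS", "public": True},
    {"id": 2, "project": "nanoCMOS", "public": False},
    {"id": 3, "project": "other", "public": True},
    {"id": 4, "project": "other", "public": False},
]


def effective_roles(role: str) -> Set[str]:
    """Return the role plus every role reachable through the hierarchy."""
    seen: Set[str] = set()
    stack = [role]
    while stack:
        r = stack.pop()
        if r in seen:
            continue
        seen.add(r)
        stack.extend(ROLE_HIERARCHY.get(r, set()))
    return seen


def is_permitted(roles: List[str], action: str, resource: str, row: Row) -> bool:
    """Grant if any effective role has a policy entry whose predicate accepts the row."""
    for role in roles:
        for er in effective_roles(role):
            predicate = POLICY.get((er, action, resource))
            if predicate is not None and predicate(row):
                return True
    return False


def visible_ids(roles: List[str], action: str, resource: str, rows: List[Row]) -> List[int]:
    """Row ids the given roles may perform `action` on, in table order."""
    return [row["id"] for row in rows if is_permitted(roles, action, resource, row)]


if __name__ == "__main__":
    for roles in (["guest"], ["researcher"], ["pi"]):
        print(roles, "read ->", visible_ids(roles, "read", "nanocmos_results", ROWS),
              "write ->", visible_ids(roles, "write", "nanocmos_results", ROWS))
```

The point of the predicates is that every change to the dataset's shape (a new `project` value, a new visibility flag) forces a matching change to the policy, which is the maintenance burden Sinnott describes for evolving data sets; the row filter in `visible_ids` is doing work a DBMS view or row-level security rule could have done directly.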

David Chadwick

Jens Jensen

(Tentative) title: "Usable security for science: challenges and next steps"

This talk is mainly from the service provider's (STFC) perspective: what do our customers want and how do we meet their requirements? The talk looks at our current security infrastructure, and in particular how we improve usability without compromising security (much). The talk closes with some thoughts on the next steps.
