GENI.net
 » 
GENI Control Framework WG

CF Requirements: 7) Slices and Identity

View: New views
1 Messages — Rating Filter:   Alert me  

CF Requirements: 7) Slices and Identity

by Harry Mussman :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

GENI Control Framework WG Members, and Christophe Blanchi - CNRI,


A first DRAFT (v01.3) of the GENI Control Framework Requirements
document has been completed, and can be found at
http://groups.geni.net/geni/wiki/GeniControlFrameworkRequirements 

A discussion of the document on February 25, 2009 resulted in the
identification of 10 discussion items, which can be found at
http://groups.geni.net/geni/attachment/wiki/GeniControlFrameworkRequir
ements/030609_CFRequireReviewTopics.pdf



This email begins a discussion thread on:  7)  Slices and Identity

I would like to invite Christophe Blanchi - CNRI to begin the
discussion, and then others are invited to join in.  



7a)  In his written comments on the document, Jeff Chase thought that
the sections on Principal identity and Slices seemed too focused on
this one approach:  Slice (record) is established;  Researcher is
"added to" the slice;  Researcher acquires resources, etc.  

He felt that we should allow a Researcher to participate whose
attributes are known (e.g., from Shibboleth), but not necessarily his
identity.  

Also, that there are situations when a Researcher (or their tools)
needs to create a new slice on the fly, and this must be easy to do.

On the call, the group then had a wide-ranging discussion on the
nature of transactions, and felt that the CF needs to support a range
of transactions.


7b)  The current DRAFT of the CF Requirements document covers
Principals (Researchers) in Section 5.2 and Slices in Section 5.4.

7c)  How can this be crafted to support a range of options with slice
and identity?

Perhaps we should be able to support:

        Identified slice owner;  specific slice;  identified PI as
"super user" for slice;  identified researcher(s), with privileges

        Identified slice owner;  specific slice;  identified PI as
"super user" for slice;  associated researcher(s), known only by
attributes, with privileges

        (Slice owner has been called "slice authority" in earlier GENI
documents.)

        How can a slice be easily added in each of these situations?
It must have the same slice owner.  Is it bound to the first slice?
Share its characteristics?  


Perhaps we also need to support "casual" GENI users:

        Default slice owner;  "casually defined" slice;  default PI;
associated researcher(s), known only by attributes, with very few
privileges

         



We look forward to a continuing, lively discussion, working towards a
'rough consensus".

Harry E. Mussman
Control Framework Systems Engineer

GENI Project Office
BBN Technologies
10 Moulton Street
Cambridge, MA 02138
(617) 873-4282 - Office
(781) 266-8479 - Mobile
(617) 873-4888 - Fax
hmussman@...
www.bbn.com



_______________________________________________
control-wg mailing list
control-wg@...
http://lists.geni.net/mailman/listinfo/control-wg
Free embeddable forum powered by Nabble Forum Help