Context Navigation

Changes between Version 5 and Version 6 of FeddAuthorizationArchitecture

-                      v5
+                      v6
+[[TOC()]]
 = Authorization Architecture =
 The Deter Federation Architecture (DFA) builds experiments for researchers from resources acquired from various testbeds (also called federants).  Conceptually, this is accomplished by presenting the federator (called `fedd`) with an experiment description which the federator breaks into sub-experiments  that it assigns on federants. The federants create the sub-experiments and connect them to make the unified federated experiment.  The federator negotiates local access with individual testbeds and uses their local configuration language to create and connect the sub-experiments.
-== Federator Decomposition ==
 The federator as has two parts, the ''experiment controller'' and the ''access controllers''.  The experiment controller interacts with researchers to create, configure, and manipulate the federated experiment as a whole.  It is concerned with acquiring access from federants, decomposing experiment descriptions and manipulations of the global experiment allocation state (deallocating, reallocating, restarting, etc).  The access controller is the interface to local resources.  It negotiates access to the underlying local resources, maps permissions in the global attribute space into local configurations and credentials, and manages local resources.