Changes between Version 5 and Version 6 of FeddAuthorizationArchitecture


Ignore:
Timestamp:
Jun 11, 2014 11:45:13 AM (10 years ago)
Author:
faber
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • FeddAuthorizationArchitecture

    v5 v6  
     1[[TOC()]]
     2
    13= Authorization Architecture =
    24
    35
    46The Deter Federation Architecture (DFA) builds experiments for researchers from resources acquired from various testbeds (also called federants).  Conceptually, this is accomplished by presenting the federator (called `fedd`) with an experiment description which the federator breaks into sub-experiments  that it assigns on federants. The federants create the sub-experiments and connect them to make the unified federated experiment.  The federator negotiates local access with individual testbeds and uses their local configuration language to create and connect the sub-experiments.
    5 
    6 == Federator Decomposition ==
    77
    88The federator as has two parts, the ''experiment controller'' and the ''access controllers''.  The experiment controller interacts with researchers to create, configure, and manipulate the federated experiment as a whole.  It is concerned with acquiring access from federants, decomposing experiment descriptions and manipulations of the global experiment allocation state (deallocating, reallocating, restarting, etc).  The access controller is the interface to local resources.  It negotiates access to the underlying local resources, maps permissions in the global attribute space into local configurations and credentials, and manages local resources.