[AG-TECH] AG security and multicast ?
Derek Piper
dcpiper at indiana.edu
Mon Apr 11 08:28:41 CDT 2005
Something I've been asked about that's security related is about having
the ability to 'lock' a room from within the venue client, akin to
having a closed and locked door for a real conference room. Then, if the
room were set up to encrypt the traffic and people couldn't just
'jump-in' it might make private meetings more attractive to those that
have a need for it. Sure you can set up a room with allowing certain
certificates, but that's cumbersome to have to do on a per-meeting basis
if all you want is something like a bunch of 'conference rooms'. Having
to have an operator tailor a room to a particular meeting isn't a very
user-friendly way of doing it.
I asked a while ago on the list of a good way to do that and the
response was it'd be something I'd have to do myself. If enough people
think it's a feature they want, maybe we can convince the AG software
writers/maintainers to add functionality?
Derek
Gavin W. Burris aka 86 wrote:
> Here are two good resources:
> http://multicasttech.com/
> http://multicast.internet2.edu/
>
> I get asked about security more and more now. People are concerned that
> their research will be broadcast to anyone with a multicast-enabled
> network. VIC and RAT do offer encryption keys, and that is an option
> to enable with AGTk venue servers. Rooms can have access based on
> your globus certificates, too. And AGTK uses SSL for its
> client/server connections.
>
>
> Would it be feasible to route multicast though a VPN for very secure
> meetings? Say, run a VPN server on the same machine that the venue
> server is on, have clients connect their VPN client to it, and then
> fire up AG over the encrypted tunnel?
>
>
>
> Dioselin Gonzalez wrote (on Wed, 6 Apr 2005 at 09:05):
>
>>Hello everybody,
>>
>>As part of our distance learning project, we need in-depth technical
>>information about security mechanisms and multicast allocation in the
>>AG. Are there any documents or papers about this?
>>
>>The team will be doing low-level implementation, so we need hard-core
>>documentation for techies :o)
>>
>>Thanks,
>>
>>Dio.-
>>
>
>
--
Derek Piper - dcpiper at indiana.edu - (812) 856 0111
IRI 323, School of Informatics
Indiana University, Bloomington, Indiana
More information about the ag-tech
mailing list