[AG-TECH] AG security and multicast ?
Osland, CD (Chris)
C.D.Osland at rl.ac.uk
Mon Apr 11 09:07:12 CDT 2005
Sounds a good idea and has the merit of a simple real-world
analogue. A couple of thoughts ...
Presumably anyone inside the meeting would be allowed to lock the
door.
Presumably the main complexity is not sorting out the mechanism
for vic and rat but all shared apps; the real-world analogue
of not doing this is finding a printout of the PowerPoint
presentation, which may convey all the information from the
meeting to anyone that finds them.
Cheers
Chris
____________________________________________________________________
Chris Osland Office tel: +44 (0) 1235 446565
Digital Media and Access Grid Medialab tel: +44 (0) 1235 446459
BIT Department Access Grid room tel: +44 (0) 1235 445666
e-mail: C.D.Osland at rl.ac.uk Fax: +44 (0) 1235 445597
CCLRC Rutherford Appleton Laboratory (Bldg. R18)
Chilton, DIDCOT, Oxon OX11 0QX, UK
[The contents of this email are confidential and are for the use of
the intended recipient only. If you are not the intended recipient
do not take any action on it or show it to anyone else, but return
this email to the sender and delete your copy of it.]
> -----Original Message-----
> From: owner-ag-tech at mcs.anl.gov [mailto:owner-ag-tech at mcs.anl.gov]On
> Behalf Of Derek Piper
> Sent: 11 April 2005 14:29
> To: Gavin W. Burris aka 86
> Cc: Dioselin Gonzalez; ag-tech
> Subject: Re: [AG-TECH] AG security and multicast ?
>
>
>
> Something I've been asked about that's security related
> is about having
> the ability to 'lock' a room from within the venue client, akin to
> having a closed and locked door for a real conference room.
> Then, if the
> room were set up to encrypt the traffic and people couldn't just
> 'jump-in' it might make private meetings more attractive to
> those that
> have a need for it. Sure you can set up a room with allowing certain
> certificates, but that's cumbersome to have to do on a
> per-meeting basis
> if all you want is something like a bunch of 'conference
> rooms'. Having
> to have an operator tailor a room to a particular meeting
> isn't a very
> user-friendly way of doing it.
> I asked a while ago on the list of a good way to do
> that and the
> response was it'd be something I'd have to do myself. If
> enough people
> think it's a feature they want, maybe we can convince the AG software
> writers/maintainers to add functionality?
>
> Derek
>
>
> Gavin W. Burris aka 86 wrote:
> > Here are two good resources:
> > http://multicasttech.com/
> > http://multicast.internet2.edu/
> >
> > I get asked about security more and more now. People are
> concerned that
> > their research will be broadcast to anyone with a multicast-enabled
> > network. VIC and RAT do offer encryption keys, and that is
> an option
> > to enable with AGTk venue servers. Rooms can have access based on
> > your globus certificates, too. And AGTK uses SSL for its
> > client/server connections.
> >
> >
> > Would it be feasible to route multicast though a VPN for very secure
> > meetings? Say, run a VPN server on the same machine that the venue
> > server is on, have clients connect their VPN client to it, and then
> > fire up AG over the encrypted tunnel?
> >
> >
> >
> > Dioselin Gonzalez wrote (on Wed, 6 Apr 2005 at 09:05):
> >
> >>Hello everybody,
> >>
> >>As part of our distance learning project, we need in-depth
> technical
> >>information about security mechanisms and multicast
> allocation in the
> >>AG. Are there any documents or papers about this?
> >>
> >>The team will be doing low-level implementation, so we need
> hard-core
> >>documentation for techies :o)
> >>
> >>Thanks,
> >>
> >>Dio.-
> >>
> >
> >
>
> --
> Derek Piper - dcpiper at indiana.edu - (812) 856 0111
> IRI 323, School of Informatics
> Indiana University, Bloomington, Indiana
>
>
More information about the ag-tech
mailing list