Argus Installation

From Gcube Wiki
Revision as of 11:39, 8 May 2013 by Ciro.formisano (Talk | contribs) (Created page with '==Introduction== Argus Authorization Framework<ref name="Argus_Site">https://twiki.cern.ch/twiki/bin/view/EGEE/AuthorizationFramework</ref> is an implementation of OASIS ''eXtend…')

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Introduction

Argus Authorization Framework[1] is an implementation of OASIS eXtended Access Control Markup Language (XACML) Standard[2]. It is composed by a set of web services provided by three elements:

  • Policy Administration Point (PAP), to store and manage XACML Policies
  • Policy Decision Point (PDP), to take authorization decision basing on the policies and context attributes (e.g. date/hour)
  • Policy Enforcement Point, Client (PEPC) and Daemon (PEPD), to enforce policy decisions

Further information on the architecture can be found on SOA3 Authorization Module.

SOA3 Authorization Module

The picture shows how Argus elements is integrated in SOA3 Authorization Module: in particular, SOA3 Policy Management Service manages the policies with Argus PAP, while the PEPC library is integrated in SOA3 Authorization Service and communicates with Argus PEPD.

In this section a step by step guide to configure Argus elements is provided: it is based on Argus 1.5.0, but other versions differs only for the path of the configuration files. Anyway, for IMarine, Argus v1.5.0 or above is recommended: an RPM can be found here.

Policy Administration Point

  1. https://twiki.cern.ch/twiki/bin/view/EGEE/AuthorizationFramework
  2. http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf