Version 1 (modified by prateek, 7 years ago)

--

We have the following actors as part of our implementation.

  • GOC: GENI's trust root
  • IdP: Identity Provider
  • PA: Project Authority
  • SA: Slice Authority
  • Orca: Orca Aggregate Manager
  • DrD: PI named Dr. D
  • TTGuy: Experimenter named Test Tube Guy

The individual actor policies are as follows.

Project Authority

The PA trusts a GOC endorsed IdP to issue user-role credentials.
PA.GeniPI <- GOC.GeniIdP.GeniPI

The PA requires a user to be a GENI PI in order to create a project.
PA.GeniPI <?- Requester

The PA's access control policy for a project allows the project's manager(s) to operate on the project. It also allows the project manager(s) to further delegate the privilege.
PA.Operate_ProjectId <- PA.PM_ProjectId
PA.Operate_ProjectId <- PA.PM_ProjectId.Operate_ProjectId

The PA issues a project manager credential, for the newly created project, to the requester.
PA.PM_ProjectId <- Requester

Slice Authority

The SA trusts the GOC to issue clearinghouse coordinator credentials.
SA.GeniPA <- GOC.GeniPA

The SA trusts a GOC endorsed IdP to issue user-role credentials.
SA.GeniExperimenter <- GOC.GeniIdP.GeniExperimenter

The SA requires a user to be a trusted GENI experimenter in order to create a slice. A slice can only be created under a project whose root is a trusted project authority. Also, the requester must have the privilege, asserted by the project's root, to operate on the project.
SA.GeniExperimenter <?- Requester
SA.GeniPA <?- ProjectRoot
ProjectRoot.Operate_ProjectId <?- Requester

The SA's access control policy for a slice allows a project manager of the associated project to operate on the slice. It also allows the project manager(s) to further delegate the privilege. The SA delegates the policy to determine the project manager(s), to the project root.
SA.Operate_SliceId <- ProjectRoot.PM_ProjectId
SA.Operate_SliceId <- ProjectRoot.PM_ProjectId.Operate_SliceId

The SA also issues a non-delegatable credential, for operating on the slice, to the requester.
SA.Operate_SliceId <- Requester

Aggregate Manager

The Orca AM trusts the GOC to issue clearinghouse coordinator credentials.
OrcaAM.GeniSA <- GOC.GeniSA

The Orca AM trusts a GOC endorsed IdP to issue user-role credentials.
OrcaAM.GeniExperimenter <- GOC.GeniIdP.GeniExperimenter

The Orca AM requires a user to be a trusted GENI experimenter in order to operate on a slice. Also, the slice's root has to be a trusted slice authority and the requester must have the privilege to operate on the slice.
OrcaAM.GeniExperimenter <?- Requester
OrcaAM.GeniSA <?- SliceRoot
SliceRoot.Operate_SliceId <?- Requester
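The three policies above (PA, SA and Orca AM) are RT0 credentials, and each `<?-` line is a membership query against the least fixed point of those credentials. The following is an added example, not code from Orca or GENI, that evaluates exactly that: it parses the page's credential syntax, computes role membership bottom-up, and runs the PA, SA and AM checks over the workflow described on the page. It assumes one constructed project id (proj1) and slice id (slice1), binds ProjectRoot to PA and SliceRoot to SA, and constructs the GOC/IdP trust credentials, Dr. D's delegation to Test Tube Guy, and an unknown principal "Mallory" for a negative case.

```python
"""Minimal RT0 evaluator for the GENI/Orca policies on this page.
Added example; not Orca's or GENI's own code.  Project/slice ids,
the GOC/IdP credentials and the delegation step are constructed."""
from typing import Dict, List, Set, Tuple, Union

Role = Tuple[str, str]                       # (issuer, role name), e.g. ("PA", "GeniPI")
Body = Union[str, Role, Tuple[Role, str]]    # principal | role | linked role (A.r1.r2)
Credential = Tuple[Role, Body]

def parse_credential(line: str) -> Credential:
    """Parse 'A.r <- D', 'A.r <- B.r1' or 'A.r <- A.r1.r2' (the page's RT0 syntax)."""
    head, body = (s.strip() for s in line.split("<-"))
    issuer, role = head.split(".")
    parts = body.split(".")
    if len(parts) == 1:
        return (issuer, role), parts[0]                          # simple member
    if len(parts) == 2:
        return (issuer, role), (parts[0], parts[1])              # containment
    if len(parts) == 3:
        return (issuer, role), ((parts[0], parts[1]), parts[2])  # linked role
    raise ValueError(f"unsupported credential: {line!r}")

def role_members(creds: List[Credential]) -> Dict[Role, Set[str]]:
    """Least fixed point of the credentials: which principals are in each role.
    Membership only grows and principals are finite, so the loop terminates."""
    members: Dict[Role, Set[str]] = {head: set() for head, _ in creds}
    changed = True
    while changed:
        changed = False
        for head, body in creds:
            if isinstance(body, str):                 # A.r <- D
                new = {body}
            elif isinstance(body[0], str):            # A.r <- B.r1
                new = members.get(body, set())
            else:                                     # A.r <- A.r1.r2
                link_role, r2 = body
                new = set()
                for b in members.get(link_role, set()):
                    new |= members.get((b, r2), set())
            if not new <= members[head]:
                members[head] |= new
                changed = True
    return members

def holds(members: Dict[Role, Set[str]], issuer: str, role: str, principal: str) -> bool:
    """The '<?-' query: is principal a member of issuer.role?"""
    return principal in members.get((issuer, role), set())

# The page's policies with parameterised roles instantiated for proj1/slice1
# (constructed ids); ProjectRoot is bound to PA, SliceRoot to SA.
POLICY = [
    "PA.GeniPI <- GOC.GeniIdP.GeniPI",
    "PA.Operate_proj1 <- PA.PM_proj1",
    "PA.Operate_proj1 <- PA.PM_proj1.Operate_proj1",
    "SA.GeniPA <- GOC.GeniPA",
    "SA.GeniExperimenter <- GOC.GeniIdP.GeniExperimenter",
    "SA.Operate_slice1 <- PA.PM_proj1",
    "SA.Operate_slice1 <- PA.PM_proj1.Operate_slice1",
    "OrcaAM.GeniSA <- GOC.GeniSA",
    "OrcaAM.GeniExperimenter <- GOC.GeniIdP.GeniExperimenter",
]
# Constructed trust-root and identity credentials for the actors on the page.
ENVIRONMENT = [
    "GOC.GeniIdP <- IdP", "GOC.GeniPA <- PA", "GOC.GeniSA <- SA",
    "IdP.GeniPI <- DrD", "IdP.GeniExperimenter <- DrD", "IdP.GeniExperimenter <- TTGuy",
]
# Credentials issued as the workflow progresses (constructed).
PROJECT_CREATED = ["PA.PM_proj1 <- DrD"]          # PA issues PM credential to the PI
PM_DELEGATION = ["DrD.Operate_proj1 <- TTGuy"]    # PM delegates project operation
SLICE_CREATED = ["SA.Operate_slice1 <- TTGuy"]    # SA's non-delegatable operate credential

def can_create_project(members: Dict[Role, Set[str]], requester: str) -> bool:
    """PA check: PA.GeniPI <?- Requester"""
    return holds(members, "PA", "GeniPI", requester)

def can_create_slice(members, requester: str, project_root: str, project_id: str) -> bool:
    """SA checks: trusted experimenter, trusted project root, may operate on the project."""
    return (holds(members, "SA", "GeniExperimenter", requester)
            and holds(members, "SA", "GeniPA", project_root)
            and holds(members, project_root, f"Operate_{project_id}", requester))

def can_operate_slice(members, requester: str, slice_root: str, slice_id: str) -> bool:
    """Orca AM checks: trusted experimenter, trusted slice root, may operate on the slice."""
    return (holds(members, "OrcaAM", "GeniExperimenter", requester)
            and holds(members, "OrcaAM", "GeniSA", slice_root)
            and holds(members, slice_root, f"Operate_{slice_id}", requester))

def scenario(extra: List[str]) -> Dict[Role, Set[str]]:
    """Evaluate policy + environment + the credentials issued so far."""
    return role_members([parse_credential(c) for c in POLICY + ENVIRONMENT + extra])

if __name__ == "__main__":
    print(can_create_project(scenario([]), "DrD"))                                   # True
    print(can_create_slice(scenario(PROJECT_CREATED), "TTGuy", "PA", "proj1"))       # False
    print(can_create_slice(scenario(PROJECT_CREATED + PM_DELEGATION), "TTGuy", "PA", "proj1"))  # True
    m = scenario(PROJECT_CREATED + PM_DELEGATION + SLICE_CREATED)
    print(can_operate_slice(m, "TTGuy", "SA", "slice1"), can_operate_slice(m, "Mallory", "SA", "slice1"))  # True False
```

The interesting cases are the negative ones: Test Tube Guy cannot create a slice under proj1 until Dr. D, as project manager, issues the delegation the PA policy permits, and even then the delegated project privilege does not carry over to slice1 until the SA issues its own non-delegatable operate credential.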