Embed Size (px)
Citation preview
browser
User
Certificate
MailBox
VOMS-Admin Host
Tomcat
TR1) Users Trusts “VOMS-Admin” server identity. step1
TR2) User Trusts data (Data1, HTML response) sent from the Server only perform authorized actions; data is not corrupted; and data is sent by the VOMS_Admin server. User trusts “Data1” for (Integrity, Authenticity, Authorization) properties
TR3) VOMS-Admin Trusts data (Data2, certificate and the request) from the user only performs authorized activity (nothing other than registering or removing user’s own account) and VOMS-Admin trusts that Data2 is sent by the user owning the DN in the request. VOMS-Admin trusts Data2 for (Authorization, Authenticity, Integrity)
Connect to VOMS-Admin and requests Membership (1)
Requests data (2)
Sends request and Certificate data(3)
Because of TR2 and TR3, a user trusts data submitted from all other users.
TR4) A user trusts “Data4”sent from another user to only perform authorized actions. This is relationship has the assumption that Data1 may have an effect on Data2, and Data4 has an affect on Data3. Otherwise, the trust relationship is not held true.
User1 VOMS-Admin Server
Trusts Data1 for (Integrity, Authorization, Authenticity)
Trusts Data2 for (Integrity, Authorization, Authenticity)
User2
Data1
Data2
Dat
a3
Dat
a4
Trus
ts D
ata3
Trus
ts D
ata4
Trusts Data4 for (Integrity, AuthNAuthZ)
Trusts Data1 for (Integrity, AuthNAuthZ)
Voms-Admin
SMTP Server
MailBoxuser
Sends email to userEmail confirmation
User Confirms owning the email address
TR5) Voms-Admin trusts that the email address is not malicious (has no malicious script) TR6) VOMS-Admin assumes only user can have access to the email addressTR7) SMTP server trusts email address is not malicious (has no malicious script)TR8) User trusts the email is from VOMS-Admin (not spoofed) TR9) User trusts the email has no malicious links (the link for confirmation takes the user to the real VOMS-Admin web page andDoes not try to compromise user’s computer)
VOMS-Admin
SMTP Server
MailBoxVO-Admin
Sends membershiprequestmembership
request
VO-Admin approvesOr rejects the request
TR10) VOMS-Admin Trusts that the email address of VO-Admin is not malicious (does Not contain a script).TR11) VOMS-Admin Trusts only the VO-Admin can access the email address TR12) The VO-Admin Trusts the email really come from the VOMS-Admin (not spoofed)TR13) VO-Admin Trusts that the email has no malicious links or scripts TR14) VOMS-Admin Trusts only VO-Admin can access approval/rejection portal. VOMS-Admin Trusts the browser cookie of VO-Admin. VOMS-Admin assumes nobody can access the cookie except the VO-Admin
