The paper on “Extending the Security Assertion Markup Language to Support Delegation for Web Services and Grid Services” by Jun Wang and my friend Marty Humphrey over at the CS department, University of Virginia, is a great read. It illustrates how one could do user rights delegation using SAML. This is a common scenario in Internet-scale applications (aka Grid applications). They also have an implementation using Microsoft‘s WSE.
Here’s a quote from the paper:
“The problem with the conventional approach in Grids – GSI X509 proxy certificates [5] – is that commercial tooling for Web Services does not necessarily recognize and properly process these certificates, typically the Distinguished Name (DN) in the certificate or in path validation. Even with the recent introduction of proxy certificates in the IETF, it is not clear when and if this commercial support will occur. An alternative approach that is pursued in this work is to leverage and extend existing Web Services standards, without breaking the existing tooling, so as to facilitate Grid practitioners more easily building and consuming services across the Grid without requiring Grid-specific protocols.”
Excellent stuff.
In my last post, I wrote that "the typing of code was parallelized and delegated.…
In February, I wrote about the small team I'd stood up instead of hiring humans:…
Assembling a dream team without a single hire I've been making great progress on CVOYA's…
As 2025 is now behind us, I wanted to share a few reflections from my…
Few months ago, we bought a sculpture from a local art fair for our Palm…
There’s a unique energy that comes with starting something new — a blend of excitement,…