Overview
General design and security risk review for XSEDE Web SSO
Review Summary
- Added component administrators to the list of users
- Added suggested but more complex usage transfer methods to a future enhancements sections
- Added AWS as a desired target hosting environment to the future enhancements section
- Clarified the small amount of script development involved and that it could take more effort to deploy, learn, and operate a more complex tool that does what we need plus a lot more
- Enhanced design with use_amount and use_amount_units fields
- Enhanced design to transport and store unchanged any additional fields that appear in usage records that are not in the design
Review Output Documents (Final)
Review Input Documents
Review Criteria
Please focus on these questions:
- Is the proposed service and its components a reasonable way to address the high-level requirements?
- Is the proposed method to capture usage and send it to the central service appropriate?
- Do the proposed interfaces comply with relevant XSEDE security recommendations and practices?
- Are relevant XSEDE security policies and best practices followed?
Schedule
Current Date: 2023-12-05Current Status: Closed (Design and Security Review)
| Target Date | Actual Date | Activity Milestone |
|---|---|---|
| 2018-04-16 | Review launch date | |
| 2018-04-20 | Written feedback due (Reviewers) | |
| 2018-06-14 | Written response date (Review Material Developers) | |
| 2018-04-27 | 2018-06-14 | Final approval due and completion date (Reviewers) |
Review Last Updated: 2018-06-14 11:29 am
Reviewers
If you are a reviewer, please login to sign or withdraw from this review.
Required
- Jim Basney
SIGNED: 2018-04-16 14:30 - Shava Smallen
VIEWED: 2018-06-14 11:51
SIGNED: 2018-04-23 16:53
Optional
- Eric Blau
- Victor Hazlewood
- Lee Liming
SIGNED: 2018-04-23 18:56 - Jim Marsteller
- Gary Rogers
- Adam Slagell
Review Material Developers
John-Paul Navarro
Review Facilitator
Shava Smallen
