Charter for FVGA-WG
Date 2013-05-18
Group Abbreviation:
fvga-wg
Group Name:
Firewall Virtualization for Grid Applications WG
Area:
Infrastructure
Group Leadership:
| Ralph Niederberger | r.niederberger@fz-juelich.de | Chair |
| inder monga | imonga@nortel.com | Chair |
| Thijs Metsch | tmetsch@platform.com | Chair |
Group Summary:
Grid Computing expounds the vision of applications having on-demand, ubiquitous access to distributed services running on diverse, managed resources like computation, storage, instruments, and networks among others, that are owned by multiple administrators. As grids move towards forming dynamic, seamless Virtual Organizations (VOs) using distributed resources, they require application driven transport privileges from the network. Pre-existing security policies within the network such as in firewalls, network address translators, application level gateways, VPN style gateways etc. tend to interfere with these new applications and the VO formation, and usually require an administrator/manual intervention to work.
The Firewall Issues research group (fi-rg) has documented the use cases and classified the issues that Grid applications experience when trying to traverse and/or control data transport policy enforcement devices (GFD.83). The group is also in process of publishing a document that analyzes and categorizes new firewall protocols, architectures and on-demand frameworks.
This working group will leverage the application requirements from the FI-RG to standardize a set of service definitions for a virtualized control interface into firewalls and other midboxes allowing the grid applications to securely and dynamically request application/workflow-specific services from those devices, for the duration of the service.
Charter Focus/Purpose and Scope:
Goals/Deliverables:
Title:
Type:
| Milestone | Date (YYYY-MM) | Completed? | Completed Date (YYYY-MM) |
|---|
| First Draft |
|
|
|
| Public Comment |
|
|
|
| Publication |
|
|
|
Title:
Type:
| Milestone | Date (YYYY-MM) | Completed? | Completed Date (YYYY-MM) |
|---|
| First Draft |
|
|
|
| Public Comment |
|
|
|
| Publication |
|
|
|
Seven Questions:
1. Is the scope of the proposed group sufficiently focused?
2. Are the topics that the group plans to address clear and relevant for the Grid research, development, industrial, implementation, and/or application user community?
3. Will the formation of the group foster (consensus-based) work that would not be done otherwise?
4. Do the group's activities overlap inappropriately with those of another OGF group or to a group active in another organization such as IETF or W3C?
5. Are there sufficient interest and expertise in the group's topic, with at least several people willing to expend the effort that is likely to produce significant results over time?
6. Does a base of interested consumers (e.g., application developers, Grid system implementers, industry partners, end-users) appear to exist for the planned work?
7. Does the OGF have a reasonable role to play in the determination of the technology?
Group Status:
Active
Public Description (for print & web site):
Grid Computing expounds the vision of applications having on-demand, ubiquitous access to distributed services running on diverse, managed resources like computation, storage, instruments, and networks among others, that are owned by multiple administrators. As grids move towards forming dynamic, seamless Virtual Organizations (VOs) using distributed resources, they require application driven transport privileges from the network. Pre-existing security policies within the network such as in firewalls, network address translators, application level gateways, VPN style gateways etc. tend to interfere with these new applications and the VO formation, and usually require an administrator/manual intervention to work.
The Firewall Issues research group (fi-rg) has documented the use cases and classified the issues that Grid applications experience when trying to traverse and/or control data transport policy enforcement devices (GFD.83). The group is also in process of publishing a document that analyzes and categorizes new firewall protocols, architectures and on-demand frameworks.
This working group will leverage the application requirements from the FI-RG to standardize a set of service definitions for a virtualized control interface into firewalls and other midboxes allowing the grid applications to securely and dynamically request application/workflow-specific services from those devices, for the duration of the service.