<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi all - I thought we had group consensus yesterday on the path forward. Also, going back to Eric's post - we worked on this as a group quite a bit back in 2009, and from the wiki:<div><span class="Apple-style-span" style="font-family: Helvetica, Arial, sans-serif; font-size: 13px; line-height: 17px; "><h4 style="line-height: normal; font-weight: bold; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; font-size: 13pt; margin-top: 25px; margin-right: 0px; margin-bottom: 4px; margin-left: 0px; color: rgb(0, 51, 102); "></h4><blockquote type="cite"><h4 style="line-height: normal; font-weight: bold; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; font-size: 13pt; margin-top: 25px; margin-right: 0px; margin-bottom: 4px; margin-left: 0px; color: rgb(0, 51, 102); ">Basic Course of Events</h4><ul style="font-size: 10pt; line-height: 13pt; list-style-type: disc; "><li style="font-size: 10pt; line-height: 13pt; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; ">The ESG Gateway authenticates with a Datanode.</li><li style="font-size: 10pt; line-height: 13pt; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; ">The ESG Gateway requests metrics data from the Datanode for a specific time range.</li><li style="font-size: 10pt; line-height: 13pt; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; ">The Datanode retrieves the metrics data for the specific time range.</li><li style="font-size: 10pt; line-height: 13pt; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; ">The Datanode returns the metric data to the ESG Gateway</li><li style="font-size: 10pt; line-height: 13pt; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; ">The ESG Gateway persists the returned metric data to its Database.</li></ul></blockquote></span><div>One of the hard requirements that drove this was the ability to detect unwanted user behavior, know who that is, disable them, and possibly take other action.</div><div><br></div><div>cheers - don</div><div><br></div><div><div>On Apr 19, 2011, at 4:10 PM, Gavin M. Bell wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<div text="#000000" bgcolor="#ffffcc">
Hi Eric <br>
<br>
(comments below)<br>
<br>
On 4/19/11 1:46 PM, Eric Nienhouse wrote:
<blockquote cite="mid:4DADF4AA.504@ucar.edu" type="cite">
<pre wrap="">Hi All,
We discussed the Data Node metrics access logging service in our GO-ESSP
call today. This is a key integration point between Gateways and Data
Nodes and is a high priority feature for the 1.3.0 release.
Following is a summary of our conclusions. Please note anything that
may be incorrect or unclear.
1) The Data Node metrics access logging service should be secured via SSL.
2) Gateway access to the metrics service should require (GW client)
authentication.
3) Email address should not be included in the metrics records exchanged.
</pre>
</blockquote>
nod<br>
<blockquote cite="mid:4DADF4AA.504@ucar.edu" type="cite">
<pre wrap="">4) There are a number of use cases which imply tracking user OpenID's
at the GW and DN.
</pre>
</blockquote>
I sill think that the openid's should be obfuscated. The one bit of
information in the openid that will be in a different field will be
the hostname value of the user's openid i.e. their IDP. With that
bit of information there will be everything that one would need in a
metrics context. Thus you would be able to answer the metrics
question: How many people accessing Y data have accounts on X? X
being the IDP of an organization.<br>
<br>
I share Bob's and Philip's concern about data exposure. In the
scenario above, the openid of person Z can still be positively
gotten by asking idp X, 'hey who is Z?', but this is not the general
case. This also follows the basic pattern that we employ for email
addresses which we all agree should not be passed around on the
wire, regardless of transfer mechanism. The pattern for email is
that we have to run a special resolution service in order to perform
the lookup, because that information is not made directly available.<br>
<br>
So, the returned metrics would not have the openid but have two bits
of information:<br>
1 - the openid / userid hash<br>
2 - the hostname of the IDP for whom the openid is in custody.<br>
<br>
I think this should be sufficient to provide reasonable privacy
regardless of using secured ssl or not.<br>
I cannot see a use case in the context of metrics that require any
additional information.<br>
Do you concur? <br>
<blockquote cite="mid:4DADF4AA.504@ucar.edu" type="cite">
<pre wrap="">We discussed providing examples or best practices for securing the
metrics service. (Ideally for a Non-Spring Tomcat environment.)
(Phil, Luca, Nate?)
We noted the Gateway 1.3.0 RC1 release is waiting on finalizing the
metrics service interface and security configuration. We need to
identify the time-line for accomplishing securing the metrics service.
(Gavin?)
For further background, the ESG Metrics Use Cases can be found below.
These Use Cases support our conclusions above.
<a class="moz-txt-link-freetext" href="https://wiki.ucar.edu/display/esgcet/Metrics">https://wiki.ucar.edu/display/esgcet/Metrics</a>
I appreciate all the input today.
Thanks,
-Eric
_______________________________________________
GO-ESSP-TECH mailing list
<a class="moz-txt-link-abbreviated" href="mailto:GO-ESSP-TECH@ucar.edu">GO-ESSP-TECH@ucar.edu</a>
<a class="moz-txt-link-freetext" href="http://mailman.ucar.edu/mailman/listinfo/go-essp-tech">http://mailman.ucar.edu/mailman/listinfo/go-essp-tech</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Gavin M. Bell
Lawrence Livermore National Labs
--
"Never mistake a clear view for a short distance."
-Paul Saffo
(GPG Key - <a class="moz-txt-link-freetext" href="http://rainbow.llnl.gov/dist/keys/gavin.asc">http://rainbow.llnl.gov/dist/keys/gavin.asc</a>)
A796 CE39 9C31 68A4 52A7 1F6B 66B7 B250 21D5 6D3E
</pre>
</div>
_______________________________________________<br>GO-ESSP-TECH mailing list<br><a href="mailto:GO-ESSP-TECH@ucar.edu">GO-ESSP-TECH@ucar.edu</a><br>http://mailman.ucar.edu/mailman/listinfo/go-essp-tech<br></blockquote></div><br></div></body></html>