The security of the MyProxy service is of paramount importance to the MyProxy Team. Below we detail our efforts and procedures regarding MyProxy security.

Vulnerability Handling

As a Globus project, the MyProxy Team participates in the vulnerability handling process of the Globus Security Committee. Vulnerabilities may be reported via:

MyProxy security advisories are released via email to:

Please join one or both of these mailing lists to receive MyProxy security advisories.

Advisories

Independent Vulnerability Assessment

The UW-Madison Vulnerability Assessment Project performed an independent vulnerability assessment of the MyProxy software and found no major security vulnerabilities. The few issues found were minor and "did not compromise the certificates and their passphrases managed by MyProxy." The report credits the simplicity of the MyProxy system design and development model for the small number of issues that were found. For more details, see:

IGTF Accreditation

The MyProxy CA meets the requirements of the Short Lived Credential Services X.509 Public Key Certification Authorities Profile of The Americas Grid Policy Management Authority, a member of the International Grid Trust Federation. The NCSA MyProxy CA and the NERSC Online CA have been accredited under the Profile.

Server Recommendations

Please choose a well-protected host to run the myproxy-server on. Consult with security-aware personnel at your site. You want a host that is secured to the level of a Kerberos KDC, that has limited user access, runs limited services, and is well monitored and maintained in terms of security patches.

Last modified 03/23/09.