/[volute]/trunk/projects/grid/gms/doc/GMS.tex
ViewVC logotype

Diff of /trunk/projects/grid/gms/doc/GMS.tex

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 5730 by major.brian, Wed Aug 14 18:34:49 2019 UTC revision 5731 by major.brian, Tue Feb 18 00:46:18 2020 UTC
# Line 20  Line 20 
20  \begin{document}  \begin{document}
21  \begin{abstract}  \begin{abstract}
22    
23  The Group Membership Service (GMS) specification describes a REST interface for determining whether a user is a member of a group.  This membership information can be used to protect access to proprietary resources.  When an authorization decision is needed, a call to GMS can be made to see if the requesting user is a member of the group assigned to protect the resource and, in turn, grant or deny the user access.  Proprietary resources can be any number of things, such as data, metadata or services.  Because a single group can be used to protect multiple, potentially distributed resources, GMS enables the creation of groups that represent teams with common authorization rights.  GMS offers organizations an interoperable, flexible and scalable way of protecting a heterogeneous set of resources within and outside an origanization.  The Group Membership Service (GMS) specification describes a service interface for determining whether a user is a member of a group.  Membership information can be used to protect access to proprietary resources.  When an authorization decision is needed (whether to grant or deny access to a proprietary resource), a call to GMS can be made to see if the requesting user is a member of the group assigned to protect the resource in question.  Examples of proprietary resources are wide ranging but include: observation data and metadata and scarce or limited services and infrastructure.  Because this specification details how a single group can protect multiple, potentially distributed, resources, it allows for the representation of teams with common authorization rights.  The members of such teams can span multiple organizations but can be managed within a single service.  In this way, GMS offers an interoperable, flexible, and scalable mechanism for sharing proprietary assets with a potential dynamic set of team members.
24    
25  \end{abstract}  \end{abstract}
26    
# Line 347  Line 347 
347    
348  \section{Changes from Previous Versions}  \section{Changes from Previous Versions}
349    
350    \subsection{Changes from WD-GMS-1.0-20190506}
351    \begin{itemize}
352    \item{Abstract rephrased}
353    \end{itemize}
354    
355  \subsection{Changes from WD-GMS-1.0-20190329}  \subsection{Changes from WD-GMS-1.0-20190329}
356  \begin{itemize}  \begin{itemize}
357  \item{Reverted Group Identifier to be an IVOID}  \item{Reverted Group Identifier to be an IVOID}

Legend:
Removed from v.5730  
changed lines
  Added in v.5731

msdemlei@ari.uni-heidelberg.de
ViewVC Help
Powered by ViewVC 1.1.26