REVIEW-89: XCI-496 XSEDE OAuth-SSH for Open OnDemand Design - Design/Security Review

Overview

Design and security review of an Open OnDemand module and SSH service that facilitates use of XSEDE compute resources through Open OnDemand. This is a prototype design, intended to demonstrate a path forward, but with notable constraints. Specifically, the scope is limited to the Open OnDemand context: this design does not currently support other SSH clients.

Review Input Documents

Review Criteria

  • Does the proposed design satisfy all XSEDE security service guidelines and standards
  • Does the proposed design provide the required user functionality in the most straightforward way possible
  • Does the proposed design interact with other IAM services in the most appropriate way
  • Can the proposed design be implemented in Open OnDemand
  • Suggestions for how the prototype design could be made better for production use: more interoperable, flexible, robust, maintainable, fewer constraints, etc.

Schedule

Current Date: 2022-10-02
Current Status: Reviewer Feedback (Design and Security Review)
Target Date Actual Date Activity Milestone
  2022-03-16 Review launch date
2022-03-31 Written feedback due (Reviewers)
2022-04-15 Written response date (Review Material Developers)
2022-04-29 Final approval due and completion date (Reviewers)
Review Created: 2022-03-15 3:36 pm
Review Last Updated: 2022-03-21 6:54 pm

 

Reviewers

If you are a reviewer, please login to sign or withdraw from this review.

Required

  • Jim Basney
    VIEWED: 2022-03-28 10:40
    SIGNED: 2022-03-28 10:40
  • John-Paul Navarro
    VIEWED: 2022-03-21 18:56

Optional

  • Jason Alt
  • David Hudak
    VIEWED: 2022-03-21 16:30
  • Stephen Rosen
  • Ben Sandbrook
    VIEWED: 2022-05-25 20:13
  • Robert Settlage
  • Derek Simmel

Review Material Developers

Lee Liming

Review Facilitator

John-Paul Navarro

 

Please post your comments using the "New topic" or "Post reply" buttons in the forum below.