[STF]

• EU DataGrid project's Security Requirements and first implementation.

  You can find Word and PDF versions of this at:
  http://edms.cern.ch/document/340234/4.0

• The home page for the Lawrence Berkeley Lab's Akenti project (PKI- based authorisation scheme) is:

  http://www-itg.lbl.gov/Akenti/

  Note especially a conference paper which describes the most recent developments:
  http://www-itg.lbl.gov/security/Akenti/Papers/NISTPKIWorkshop.pdf

• The initial Versign/IBM/Microsoft proposals on web services security (WS-Security) are at:

  IBM-Microsoft Web Services Roadmap
  http://www.verisign.com/wss/architectureRoadmap.pdf

  VeriSign/IBM/Microsoft WS-Security Specification
  http://www.verisign.com/wss/wss.pdf

• The report of the May 1st meeting at NeSC to discuss implementing the Grid in a Computing Services environment is on the past events page of the NeSC site:

  http://www.nesc.ac.uk/esi/past.html

• Generic advice JISC gives to universities on what is involved in formulating an overall security policy and putting that into effect. This is on the JISC web site at:

  http://www.jisc.ac.uk/index.cfm?name=jcas_papers_security

• The MAFTIA project - fault-tolerance, denial of service attacks:

  http://www.newcastle.research.ec.org/maftia/

• Firewall recommendations:

  http://tyne.dl.ac.uk/ETF/index.shtml

• EC Permis Authorisation Infrastructure:

  http://sec.isi.salford.ac.uk/permis/ - Papers describing the Infrastructure can be found here.

• Internet 2 Shibboleth Authorisation Infrastructure:

  http://www.oasis-open.org/committees/security/ - OASIS SAML the basis for the Internet 2 Shibboleth Authorisation Infrastructure.