Interface Security
------------------

All service interfaces must be encrypted/secured via protocols like
ssh and https.  All unsecured interfaces must be protected via
file-based sockets or via firewall rules.  They must also be proxied
via services that have secure interfaces.

As we will need to support several authentication mechanisms
(including grid certificates), the authentication mechanism should be
clearly separated from authorization mechanisms.  It is very likely
that the authentication will need to take place in the services
providing the external interfaces, so ways of passing the
authentication information should be provided in underlying services.

As the grid security model includes subjects (DNs), groups, and roles,
OpenNebula should look into how those could be included in the
interfaces and underlying database.  Note that one subject can have
multiple groups and roles.


Security Policies
-----------------

As much as possible we should adopt the existing grid security
policies.  These are already vetted by a large number of projects and
accepted by them.  There is a question on expanding the definition of
"Grid" in the documents to include cloud-like resources.  It may also
be necessary in the future to provide an addition document about
user-level services and monitoring of those services.


Security Officer
----------------
Overall the project should probably define a Security Officer that
would look for security concerns in the software and represent
StratusLab on bodies that will rewrite/expand the existing security
policies.