Monday, June 16, 2008

Security Evaluations

I had a call with a NCPHI security steward to ask about some of the security evaluations that we'll be performing with the Secure Reliable Grid Messaging PoC project.

She pointed us specifically to the FIPS 140-2, NIST SP 800-53 and eAuthentication guidelines.

It's a lot of reading, but we'll need to evaluate the algorithm type and strength used by Reliable GridFTP, integrity checking of the message payload, and certificate usage.

No comments: