Title of project: A2Z – Akenti Access to zetoc
Project Manager: Ross MacIntyre Lead Institution: University of Manchester
Duration of Award: 11/02-11/03
Period of Report: 11/02-01/03
Total amount: £79,321
Total co-funding: n/a
I confirm that the project development is being conducted under the terms
agreed in the initial contract with JISC.
No substantial changes from Project Proposal, however, no recruitment has taken place, so initial work being performed by existing members of staff.
Web site created http(s)://a2z.mimas.ac.ukEvaluation environment created.Support for digital certificate authentication implemented as planned.
Project Manager: Ross MacIntyre, MCDevelopers: Mike Jones, ESNW, Andrew Weeks, MCzetoc Application Consultancy: Ashley Sanders, MCe-Science Consultancy: Stephen Pickles, ESNWSystems Support: Geoff Lane, MC
The following meetings were attended by project staff.
4-6 December NeSC meetings:
4 Managing Access to Resources on the Grid.
5&6 Grid Security: the why, what, where and how.
23/24 January ChemGrid Meeting
30/31 January GridPP Meeting
The Project Plan has now been produced and forwarded to the AAA Programme Manager.
The project’s evaluation environment has been created on an existing Sun E6500. A dedicated new user account was created and new instance of Apache installed, including mod_ssl. The virtual web domain a2z.mimas.ac.uk has been allocated. Thus http://a2z.mimas.ac.uk and https://a2z.mimas.ac.uk are up and running.
The Certificate Authority “UK e-Science CA” has been imported into the web server and each user’s browser. Digital certificates, issued by e-Science, have been obtained by project staff (from http://ca.grid-support.ac.uk/) and have been installed in their browsers. Note that these require that the user is using a specific version of Netscape - v4.79.
A copy of the zetoc code has been installed under the a2z user account and successfully links to the full zetoc database. The initial screen display has been amended to highlight the use of digital certificate authentication, e.g. “Certificate details: issued to ross macintyre, MC, eScience, Manchester; expires on Jan 29 17:51:14 2004 GMT”.
Work on creating a version of the zetoc Alert mechanism has begun. The Alert has to be associated with the individual, so a persistent identifier had to be found. This may change in future to be an attribute passed post authorisation, but will initially be the user’s distinguished name (SSL_CLIENT_S_DN).
The latest version of Akenti (version 1.2a) was released on 6th January 2003 and has been downloaded. All additional software required was installed by end January. There was a small problem with OpenLDAP, but this has now been resolved and the Akenti install will proceed asap in February.
Contact has been made with Mary Thompson, Head of Secure Grid Technologies Group, Lawrence Berkeley National Laboratory, the developers of Akenti. It has been agreed that the lead developer, Abdelilah “Abdou” Essiari will visit Manchester to assist in Akenti installation and configuration 25th-28th March 2003. It is also intended to organise an informal seminar, inviting others interested in Akenti-related topics.
Contacts have been made with David Chadwick, who has performed a ‘desk comparison’ of Akenti and PERMIS architectures at Salford. Additionally, Jon Duke of Warwick’s RIM project has expressed interest in using Akenti as part of their project. Both contacts will be maintained.