Changes between Version 1 and Version 2 of WorkShop07/SecurityGroup


Ignore:
Timestamp:
Sep 7, 2007, 9:53:20 AM (17 years ago)
Author:
Nicolas
Comment:

typo fix; avoid #1 showing as a link to a ticket

Legend:

Unmodified
Added
Removed
Modified

  • WorkShop07/SecurityGroup

    v1 v2  
    44  * Mechanism to lock down client to make sure that only specified project websites could be accessed by the BOINC client
    55  * BOINC ‘funnel’ that would be able to distribute work to internal clients and itself download and return work and apps from the project server (allows virus scanning and locking down of work).  Firewalls on machines can be configured to restrict communications of client to only that internal server
    6   * Security is #1 problem faced when WCG talks to large organizations about become partners and broadly deploying BOINC to their internal computers
     6  * Security is !#1 problem faced when WCG talks to large organizations about become partners and broadly deploying BOINC to their internal computers
    77 * Risk of vulnerabilities within the client or server
    88  * Desired – periodic security review by external orgnizations
     
    1313  * Projects should be able to send a kill switch to the core client to shut it down.  This should be recorded in the client_state.xml and require user action before the client will start running work again.  A message would be sent with the kill switch
    1414  * Projects should also be able to send a detach message to computers (example – the guy who deployed BOINC via the virus)
    15   * Worst scenario is a project who behaves well originally, attracks many members and then release a new app version that spies
    16  * Running client within VMWare instance presents a security problem in that the VMWare code would need to be reviewed for safety and the client could still access network resources.   Additionally VMWare consumes addition resources on the client so it has a larger footprint then a standard BOINC client
     15  * Worst scenario is a project who behaves well originally, attracts many members and then release a new app version that spies
     16 * Running client within VMWare instance presents a security problem in that the VMWare code would need to be reviewed for safety and the client could still access network resources. Additionally VMWare consumes addition resources on the client so it has a larger footprint then a standard BOINC client