NDG Security is the security system that was developed for the UK Natural Environment Research Council funded NERC DataGrid. This is the package for common components.

NDG Security has been developed to provide users with seamless federated access to secured resources across NDG participating organisations whilst at the same time providing an underlying system which is easy to deploy around organisation's pre-existing systems.

The system was further developed in collaboration with the US DoE funded Earth System Grid project for the ESG Federation an infrastructure under development in support of CMIP5 (Coupled Model Intercomparison Project Phase 5), a framework for a co-ordinated set of climate model experiments which will input into the forthcoming 5th IPCC Assessment Report.

NDG and ESG use a common access control architecture. OpenID and MyProxy are used to support single sign on for browser based and HTTP rich client based applications respectively. SAML is used for attribute query and authorisation decision interfaces. XACML is used as the policy engine. NDG Security has been re-engineered to use a filter based architecture based on WSGI enabling other Python WSGI based applications to be protected in a flexible manner without the need to modify application code.

• 2.5.0: altered utilities content to remove M2Crypto dependencies.
• 2.4.0: provide additional M2Crypto wrapper utilties - update synchronised with ndg_security_server to OpenID Provider to support HTTP Basic Auth to allow easy authentication with non-browser based clients