This page serves to provide pointers to the latest version of my security assessment of the Globus Online File Transfer and related services and any updates to that assessment. The latest version of this document is dated February 3rd 2012 and is available from IU ScholarWORKS: http://hdl.handle.net/2022/14147. Please cite as: “Von Welch. Globus Online Security Review. Indiana University ScholarWORKS. February 3, 2012. http://hdl.handle.net/2022/14147" Summary The review is based on a description, provided by the Globus Project, of the architecture and deployment of the services. The description was provided in the form of written documentation, email communications and a roughly three-hour in-person meeting. This document is written from the point of view of users of the services and operators of data storage services accessed by the services on behalf of their users. It is most accurately described as an architectural security review. A casual exploration of the services as a user was undertaken, but was not a significant activity in regards to the authoring of the report. This review is provided as best effort for the benefit of the community. It is provided “as-is” with no warranty expressed or implied. All opinions are those of the author and should not be taken to reflect opinions of any other entity.This review did not, among other things:
|