The PERMIS X.509 role based privilege management infrastructure
Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
| Hi-index | 0.00 |
This paper describes how it is possible to use today's existing stateless PDPs such as the XACML PDP, to provide coordinated access control decision making throughout a distributed application. This is achieved by utilising an external database service to store the retained ADI that is needed by the PDPs. In this way the decision making can be coordinated and controlled throughout time and space. The retained ADI is modelled as coordination attributes of a coordination object, and coordination PIPs linked to each PDP access the coordination database service to retrieve the current values of the coordination attributes prior to the access control decision being made. Obligations in the access control policy define how the coordination attributes should be updated when the user is granted access to a resource. Three different modes of enforcing obligations are defined by a Chronicle directive, namely Chronicle=Before, Chronicle=After and Chronicle=With. The paper describes how the coordinated decision making has been implemented in Globus Toolkit v4, by developing a Coordinated PDP that incorporates a coordination PIP, an Obligations Service that implements the Chronicle=Before mode of operation, and a stateless PDP that makes the access control decisions; and an external coordination database grid service that has its own security controls to ensure that only Coordinated PDPs can access it. The paper concludes by discussing the implementation and indicating how the Chronicle=After and Chronicle=With modes of operation might also be supported in GT4.