Policy Based Access Control in Dynamic Grid-based Collaborative Environment
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
Domain Based Access Control Model for Distributed Collaborative Applications
E-SCIENCE '06 Proceedings of the Second IEEE International Conference on e-Science and Grid Computing
Using SAML and XACML for Complex Authorisation Scenarios in Dynamic Resource Provisioning
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Using Workflow for Dynamic Security Context Management in Grid-based Applications
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Applications drive secure lightpath creation across heterogeneous domains
IEEE Communications Magazine
Proxy Restrictions for Grid Usage
GPC '09 Proceedings of the 4th International Conference on Advances in Grid and Pervasive Computing
Authorisation infrastructure for on-demand network resource provisioning
GRID '08 Proceedings of the 2008 9th IEEE/ACM International Conference on Grid Computing
Future Generation Computer Systems
Improving Mandatory Access Control for HPC clusters
Future Generation Computer Systems
Hi-index | 0.00 |
This paper summarises ongoing research and recent results on the development of flexible access control infrastructure for complex resource provisioning in Grid-based collaborative applications and on-demand network services provisioning. The paper analyses the general access control model for Grid-based applications and discusses what mechanisms can be used for expressing and handling dynamic domain or process/workflow-related security context. Suggestions are given on what specific functionality should be added to the Grid-oriented authorization frameworks to handle such dynamic security context. As an example, the paper explains how such functionality can be achieved in the GAAA Authorization framework (GAAA-AuthZ) and GAAA toolkit. Additionally, the paper describes AuthZ ticket format for extended AuthZ session management. The paper is based on experiences gained from major Grid-based and Grid-oriented projects such as EGEE, Phosphorus, NextGRID, and GigaPort Research on Network.