Dynamic security context management in Grid-based applications

Authors:
Yuri Demchenko;Olle Mulmo;Leon Gommans;Cees de Laat;Alfred Wan
Affiliations:
System and Network Engineering Group, University of Amsterdam, Kruislaan 403, 1098SJ, Amsterdam, The Netherlands;Center for Parallel Computers, Kungliga Tekniska Högskola, SE-100 44 Stockholm, Sweden;System and Network Engineering Group, University of Amsterdam, Kruislaan 403, 1098SJ, Amsterdam, The Netherlands;System and Network Engineering Group, University of Amsterdam, Kruislaan 403, 1098SJ, Amsterdam, The Netherlands;System and Network Engineering Group, University of Amsterdam, Kruislaan 403, 1098SJ, Amsterdam, The Netherlands
Venue:
Future Generation Computer Systems
Year:
2008

Citing 5
Cited 4

Policy Based Access Control in Dynamic Grid-based Collaborative Environment

CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
Domain Based Access Control Model for Distributed Collaborative Applications

E-SCIENCE '06 Proceedings of the Second IEEE International Conference on e-Science and Grid Computing
Using SAML and XACML for Complex Authorisation Scenarios in Dynamic Resource Provisioning

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Using Workflow for Dynamic Security Context Management in Grid-based Applications

GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Applications drive secure lightpath creation across heterogeneous domains

IEEE Communications Magazine

Proxy Restrictions for Grid Usage

GPC '09 Proceedings of the 4th International Conference on Advances in Grid and Pervasive Computing
Authorisation infrastructure for on-demand network resource provisioning

GRID '08 Proceedings of the 2008 9th IEEE/ACM International Conference on Grid Computing
Editorial: Special section: Management and optimisation of P2P and Grid systems with network economics

Future Generation Computer Systems
Improving Mandatory Access Control for HPC clusters

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper summarises ongoing research and recent results on the development of flexible access control infrastructure for complex resource provisioning in Grid-based collaborative applications and on-demand network services provisioning. The paper analyses the general access control model for Grid-based applications and discusses what mechanisms can be used for expressing and handling dynamic domain or process/workflow-related security context. Suggestions are given on what specific functionality should be added to the Grid-oriented authorization frameworks to handle such dynamic security context. As an example, the paper explains how such functionality can be achieved in the GAAA Authorization framework (GAAA-AuthZ) and GAAA toolkit. Additionally, the paper describes AuthZ ticket format for extended AuthZ session management. The paper is based on experiences gained from major Grid-based and Grid-oriented projects such as EGEE, Phosphorus, NextGRID, and GigaPort Research on Network.