Role-Based Access Control Models
Computer
Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure
Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Comparison of Advanced Authorisation Infrastructures for Grid Computing
HPCS '05 Proceedings of the 19th International Symposium on High Performance Computing Systems and Applications
A Shibboleth-Protected Privilege Management Infrastructure for e-Science Education
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Supporting Decentralized, Security Focused Dynamic Virtual Organizations across the Grid
E-SCIENCE '06 Proceedings of the Second IEEE International Conference on e-Science and Grid Computing
CCGRID '08 Proceedings of the 2008 Eighth IEEE International Symposium on Cluster Computing and the Grid
Shibboleth-based Access to and Usage of Grid Resources
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Experiences of applying advanced grid authorisation infrastructures
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Enabling cutting-edge semiconductor simulation through grid technology
LSSC'09 Proceedings of the 7th international conference on Large-Scale Scientific Computing
Hi-index | 0.00 |
Grid technologies support collaborative e-Research typified by multiple institutions and resources seamlessly shared to tackle common research problems. The rules for collaboration and resource sharing are commonly achieved through establishment and management of virtual organizations (VOs) where policies on access and usage of resources by collaborators are defined and enforced by sites involved in the collaboration. The expression and enforcement of these rules is made through access control systems where roles/privileges are defined and associated with individuals as digitally signed attribute certificates which collaborating sites then use to authorizeaccess to resources. Key to this approach is that the roles are assigned to the right individuals in the VO; the attribute certificates are only presented to the appropriate resources in the VO; it is transparent to the end user researchers, and finally that it is manageable for resource providers and administrators in the collaboration. In this paper, we present a security model and implementation improving the overall usability and security of resources used in Grid-based e-Research collaborations through exploitation of the Internet2 Shibboleth technology. This is explored in the context of a major new security focused project at the National e-Science Centre (NeSC) at the University of Glasgow in the nanoCMOS electronics domain.