Authorization and Attribute Certificates for Widely Distributed Access Control
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
The PERMIS X.509 role based privilege management infrastructure
Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Comparison of Advanced Authorisation Infrastructures for Grid Computing
HPCS '05 Proceedings of the 19th International Symposium on High Performance Computing Systems and Applications
A Shibboleth-Protected Privilege Management Infrastructure for e-Science Education
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Development of a flexible PERMIS authorisation module for shibboleth and apache server
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Experiences of applying advanced grid authorisation infrastructures
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Supporting Security-Oriented, Collaborative nanoCMOS Electronics Research
ICCS '08 Proceedings of the 8th international conference on Computational Science, Part I
Standardised job submission and control in cluster and grid environments
International Journal of Grid and Utility Computing
Dynamic VO Establishment in Distributed Heterogeneous Business Environments
ICCS 2009 Proceedings of the 9th International Conference on Computational Science
A virtual laboratory for medical image analysis
IEEE Transactions on Information Technology in Biomedicine
ACM Computing Surveys (CSUR)
Shibboleth and community authorization services: enabling role-based grid access
ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part II
A standards-based interoperable single sign-on framework in ARC Grid middleware
Journal of Network and Computer Applications
Robust and flexible tunnel management for secure private cloud
ACM SIGAPP Applied Computing Review
| Hi-index | 0.00 |
Security underpins Grids and e-Research. Without a robust, reliable and simple Grid security infrastructure combined with commonly accepted security practices, large portions of the research community and wider industry will not engage. The predominant way in which security is currently addressed in the Grid community is through Public Key Infrastructures (PKI) based upon X.509 certificates to support authentication. Whilst PKIs address user identity issues, authentication does not provide fine grained control over what users are allowed to do on remote resources (authorization). In this paper we outline how we have successfully combined Shibboleth and advanced authorization technologies to provide simplified (from the user perspective) but fine grained security for access to and usage of Grid resources. We demonstrate this approach through different security focused e-Science projects being conducted at the National e-Science Centre (NeSC) at the University of Glasgow. We believe that this model will be more widely applicable and encourage the further uptake of e-Science by non-IT specialists in the research communities.