An Account Policy Model for Grid Environments

Authors:
David Aikema;Cameron Kiddle;Rob Simmonds
Affiliations:
Department of Computer Science, University of Calgary, Calgary, Canada;Department of Computer Science, University of Calgary, Calgary, Canada;Department of Computer Science, University of Calgary, Calgary, Canada
Venue:
GPC '09 Proceedings of the 4th International Conference on Advances in Grid and Pervasive Computing
Year:
2009

Citing 8
Cited 0

A security architecture for computational grids

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
The grid: blueprint for a new computing infrastructure

The grid: blueprint for a new computing infrastructure
A Methodology for Account Management in Grid Computing Environments

GRID '01 Proceedings of the Second International Workshop on Grid Computing
The PERMIS X.509 role based privilege management infrastructure

Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
An Online Credential Repository for the Grid: MyProxy

HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
A Community Authorization Service for Group Collaboration

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments

GRID '03 Proceedings of the 4th International Workshop on Grid Computing
From gridmap-file to VOMS: managing authorization in a Grid environment

Future Generation Computer Systems - Special issue: High-speed networks and services for data-intensive grids: The DataTAG project

Quantified Score

Hi-index	0.00

Visualization

Abstract

To manage jobs in multi-institutional grid environments, an automation tool needs to know not only the characteristics of resources, but also whether a job's credentials will be mapped to accounts on them. Credentials may be mapped to an existing dedicated or shared account on a resource, or a new account may be created. Existing information models provide little account policy information, even though the development of virtual organization and account management tools means that account policies may be increasingly dynamic. Without automation tools being able to understand account policies, projects are unable to take full advantage of modern virtual organization and account management systems. Using advertised account policies, automation tools could consider whether the account creation, access, expiry, and cleanup policies of a service provider make it a good candidate for running particular jobs. Additionally, account renewals could be managed automatically using information in an expiry policy model.