Distributed credential chain discovery in trust management
Journal of Computer Security
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Security architecture for open collaborative environment
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Review of security models applied to distributed data access
Euro-Par'06 Proceedings of the CoreGRID 2006, UNICORE Summit 2006, Petascale Computational Biology and Bioinformatics conference on Parallel processing
| Hi-index | 0.00 |
This paper describes the design and development of a flexible, customer driven, security infrastructure for Open Collaborative Environments. The experiences were gained within the framework of the Collaboratory.nl project. The work is based on extended use of emerging Web Services and Grid security technologies, combined with concepts from the generic Authentication Authorization and Accounting (AAA) authorisation framework. Basic CNL use cases and functional security requirements are analysed to provide motivation for the proposed Job-centric security model. This model describes access control and user- and resource management. The proposed Job-centric approach uses a Job description as a semantic document that is created on the basis of the signed order (or business agreement). It contains all the information required to run the experiment and also to create/manage the virtual Jobbased associations of users and resources. The proposed trust relations analysis explains the use of trust anchors in the Job-centric security model. In addition, the paper provides implementation details of using XACML and SAML for Authorisation assertions and messaging, based on the current CNL implementation.