MySRB & SRB: Components of a Data Grid
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
The design and implementation of Grid database services in OGSA-DAI: Research Articles
Concurrency and Computation: Practice & Experience - Grid Performance
Role-based access management for ad-hoc collaborative sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
A framework model for grid security
Future Generation Computer Systems
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
An Architecture for Authorization in Grids using Shibboleth and VOMS
EUROMICRO '07 Proceedings of the 33rd EUROMICRO Conference on Software Engineering and Advanced Applications
Towards trust-aware access management for ad-hoc collaborations
COLCOM '07 Proceedings of the 2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing
Globus toolkit version 4: software for service-oriented systems
NPC'05 Proceedings of the 2005 IFIP international conference on Network and Parallel Computing
Hi-index | 0.00 |
In Grid-based collaborations, a number of data sharing services in Grid are established to provide a unified platform for dynamic discovery, access and replication of distributed data. Controlling access to Grid data in these services requires the ability to dynamically make authorisation decisions based on the data owners' policies and users' credentials across administrative domains. In this paper, we present a flexible policy-driven authorisation system, called RamarsAuthZ, for secure data sharing services in Grid systems. RamarsAuthZ adopts a flexible role-based approach with trust-aware feature to advocate originator control, delegation and dissemination control. A case study based on Globus data replication service (DRS) is presented to provide effective access control both at the service level and at the data level. Our system is flexible and interoperable with multiple Grid services with little reliance on static policy and attribute management.