Privacy protection of grid service requesters through distributed attribute based access control model

Authors:
Ali Esmaeeli;Hamid Reza Shahriari
Affiliations:
Department of Computer Engineering and Information Technology, Amirkabir University of Technology, Tehran, Iran;Department of Computer Engineering and Information Technology, Amirkabir University of Technology, Tehran, Iran
Venue:
GPC'10 Proceedings of the 5th international conference on Advances in Grid and Pervasive Computing
Year:
2010

Citing 8
Cited 0

Negotiating Trust on the Web

IEEE Internet Computing
The PERMIS X.509 role based privilege management infrastructure

Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
Certificate-based authorization policy in a PKI environment

ACM Transactions on Information and System Security (TISSEC)
Access control for the web via proof-carrying authorization

Access control for the web via proof-carrying authorization
The Anatomy of the Grid: Enabling Scalable Virtual Organizations

International Journal of High Performance Computing Applications
Certificate-based access control for widely distributed resources

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
PuRBAC: Purpose-Aware Role-Based Access Control

OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Authorisation in Grid computing

Information Security Tech. Report

Quantified Score

Hi-index	0.00

Visualization

Abstract

In Grid service environments, traditional identity based access control models are not effective, and access decisions need to be made based on service requesters' attributes All of previous attribute based access control (ABAC) models are lacking in protection of users' privacy because in these models, access control decisions are made by providing the service provider with user attributes This paper presents a Distributed Attribute Based Access Control (DABAC) model which protects users' privacy in Grid service environments The DABAC model is based on XACML access control framework In DABAC model, access control is distributed between home organization (service requester's organization) and destination organization (service provider's organization) In this model, user attributes are examined in home organization for which policy certificates are provided This prevents service provider from accessing users' attributes Therefore, users' privacy is protected Moreover, distributed nature of this model, makes it more efficient comparing with previous models.