ACM Transactions on Computer Systems (TOCS)
ACM SIGAda Ada Letters
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
Experiences of applying advanced grid authorisation infrastructures
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Public Key Infrastructures: A research agenda
Journal of Computer Security - On IWAP'05
Using OGRO and CertiVeR to improve OCSP validation for Grids
The Journal of Supercomputing
OCSP for Grids: Comparing Prevalidation versus Caching
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Using OGRO and certiver to improve OCSP validation for grids
GPC'06 Proceedings of the First international conference on Advances in Grid and Pervasive Computing
Hi-index | 0.00 |
The OGSA definition of a Grid Service as a transient, stateful and dynamically instantiated Web Service introduced new authentication and authorization requirements beyond those already established for existing Grid environments. However such design features have begun to be developed currently following a pre-Web Services approach in two aspects: in the first place making a clear separation of authentication from authorization issues, and in the second place not designing them over the OGSI/WSRF defined mechanisms and specifications. In this paper we are proposing a new Security Framework that unifies identified common points of both features, Authentication and Authorization, into a mechanism called validation policy which is expected to improve service performance and security. Our framework seeks to implement these aspects over the Grid Service's Operations and Service Data concepts to fully exploit its functionalities. The paper also presents the integration of an enhanced OCSP Service Provider into the Globus Toolkit 3.9.4 as a first proof of concept.