Access control for collaborative environments
CSCW '92 Proceedings of the 1992 ACM conference on Computer-supported cooperative work
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
A framework for distributed authorization
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The grid: blueprint for a new computing infrastructure
The grid: blueprint for a new computing infrastructure
The Performance of a Reliable, Request-Response Transport Protocol
ISCC '99 Proceedings of the The Fourth IEEE Symposium on Computers and Communications
The CRISIS wide area security architecture
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Resource access control for an internet user agent
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
Supporting Secure Ad-hoc User Collaboration in Grid Environments
GRID '02 Proceedings of the Third International Workshop on Grid Computing
Toward Realizable Restricted Delegation in Computational Grids
HPCN Europe 2001 Proceedings of the 9th International Conference on High-Performance Computing and Networking
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Access control for a replica management database
Proceedings of the second ACM workshop on Storage security and survivability
Hi-index | 0.00 |
To span administrative boundaries, metacomputing systems require the integration of strong authentication and authorization methods. The problem is complicated because different components of the system may have different security policies. This paper presents a distributed model for authorization that we have integrated with the Prospero Resource Manager, a metacomputing resource allocation system developed at USC. The integration of authorization with PRM was accomplished through the specification of a policy language and the use of a Generic Authorization and Access-control API (GAA API). The language supports the specification of diverse authorization policies including ACLs, capabilities and lattice-based access controls. The GAA API provides a uniform authorization service interface for facilitating access control decisions and requesting authorization information about a particular resource. We describe a prototype of our system.