A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Multiple Bypass: Interposition Agents for Distributed Computing
Cluster Computing
An authorization framework for metacomputing applications
Cluster Computing
A Methodology for Account Management in Grid Computing Environments
GRID '01 Proceedings of the Second International Workshop on Grid Computing
Symphony - A Java-Based Composition and Manipulation Framework for Computational Grids
CCGRID '02 Proceedings of the 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Legion: An Operating System for Wide-Area Computing
Legion: An Operating System for Wide-Area Computing
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Joint Policy Management and Auditing in Virtual Organizations
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Dynamic Context-aware Access Control for Grid Applications
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
Operating System Level Support for Resource Sharing Across Multiple Domains
HPCASIA '05 Proceedings of the Eighth International Conference on High-Performance Computing in Asia-Pacific Region
Dynamic security perimeters for inter-enterprise service integration
Future Generation Computer Systems
A framework model for grid security
Future Generation Computer Systems
A hybrid mechanism for resource/service discovery in ad-hoc grids
Future Generation Computer Systems
A classification of delegation schemes for attribute authority
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
A PMI-aware extension for the SSH service
PPAM'07 Proceedings of the 7th international conference on Parallel processing and applied mathematics
Grid authorization management oriented to large-scale collaborative computing
CSCWD'04 Proceedings of the 8th international conference on Computer Supported Cooperative Work in Design I
Secure cooperative access control on grid
Future Generation Computer Systems
| Hi-index | 0.00 |
We envision that many grid usage scenarios will be based on small, dynamic working groups for which the ability to establish transient collaboration is a key requirement. Current grid security mechanisms support individual users as members of well-defined virtual organizations. Recent research seeks to provide manageable grid security services for self-regulating, stable communities. Our prior work with component-based systems for grid computation demonstrated a need to support spontaneous, limited, short-lived collaborations which rely on shared or delegated fine grained access privileges. Our mechanisms enable the high-level management of such fine grained privileges based on PKIX attribute certificates and enforce resulting access policies through readily available POSIX operating system extensions. In combination, our mechanisms leverage other work in the grid computing and security communities, reduce administrative costs to resource providers, enable ad-hoc collaboration through incremental trust relationships and can be used to provide improved security service to long-lived communities.