A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Application-level scheduling on distributed heterogeneous networks
Supercomputing '96 Proceedings of the 1996 ACM/IEEE conference on Supercomputing
An authorization framework for metacomputing applications
Cluster Computing
A Flexible Security System for Metacomputing Environments
HPCN Europe '99 Proceedings of the 7th International Conference on High-Performance Computing and Networking
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Using trust for restricted delegation in grid environments
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
| Hi-index | 0.00 |
In a Computational Grid, or Grid, a user often requires a service to perform an action on his behalf. Currently, the user has few options but to grant the service the ability to wholly impersonate him, which opens the user to seemingly unbounded potential for security breaches if the service is malicious or errorful. To address this problem, eight approaches are explored for realizable, practical, and systematic restricted delegation, in which only a small subset of the user's rights are given to an invoked service. Challenges include determining the rights to delegate and easily implementing such delegation. Approaches are discussed in the context of Legion, an object-based infrastructure for Grids. Each approach is suited for different situations and objectives. These approaches are of practical importance to Grids because they significantly limit the degree to which users are subject to compromise.