A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
The grid: blueprint for a new computing infrastructure
The grid: blueprint for a new computing infrastructure
Secure virtual enclaves: Supporting coalition use of distributed application technologies
ACM Transactions on Information and System Security (TISSEC)
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Translating Role-Based Access Control Policy within Context
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
A secure communications infrastructure for high-performance distributed computing
HPDC '97 Proceedings of the 6th IEEE International Symposium on High Performance Distributed Computing
Grids as Production Computing Environments: The Engineering Aspects of NASA's Information Power Grid
HPDC '99 Proceedings of the 8th IEEE International Symposium on High Performance Distributed Computing
MSS '01 Proceedings of the Eighteenth IEEE Symposium on Mass Storage Systems and Technologies
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Formal Treatment of Certificate Revocation Under Communal Access Control
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Secure end-to-end delegations in distributed systems
Computer Communications
Hi-index | 0.00 |
In "Grids" and "collaboratories," we find distributedcommunities of resource providers and resourceconsumers, within which often complex and dynamicpolicies govern who can use which resources for whichpurpose. We propose a new approach to therepresentation, maintenance, and enforcement of suchpolicies that provides a scalable mechanism forspecifying and enforcing these policies. Our approachallows resource providers to delegate some of theauthority for maintaining fine-grained access controlpolicies to communities, while still maintaining ultimatecontrol over their resources. We also describe a prototypeimplementation of this approach and an application in adata management context.