Role-Based Access Control Models
Computer
A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Fine-Grain Authorization for Resource Management in the Grid Environment
GRID '02 Proceedings of the Third International Workshop on Grid Computing
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
The Globus Project: A Status Report
HCW '98 Proceedings of the Seventh Heterogeneous Computing Workshop
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Ticket-based fine-grained authorization service in the dynamic VO environment
SWS '04 Proceedings of the 2004 workshop on Secure web service
Toward an On-Demand Restricted Delegation Mechanism for Grids
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Grid authorization management oriented to large-scale collaborative computing
CSCWD'04 Proceedings of the 8th international conference on Computer Supported Cooperative Work in Design I
Trust-Based secure workflow path construction
ICSOC'05 Proceedings of the Third international conference on Service-Oriented Computing
Hi-index | 0.00 |
In a distributed environment, specific rights may berequired while a task is controlled and processed. A usershould delegate enough rights to a task for processing.Tasks cannot work correctly if delegated rights areinsufficient, or security threats may occur if delegatedrights are excessive. Restricted delegation is the step thatdelegates proper rights to a task, and that enables fine-grainedauthorization in Grid. In this paper, we proposeWAS architecture as the method for supporting restricteddelegation and rights management. In contrast totraditional architecture, WAS architecture uses aworkflow that describes the sequence of rights requiredfor normal execution of a task. By using the workflow,WAS architecture is able to check whether the taskexercises allowed rights. WAS architecture isimplemented on Globus toolkit 2.0.