Role-Based Access Control Models
Computer
The grid
Security, accounting, and assurance
The grid
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
Distributed Database Management Systems and the Data Grid
MSS '01 Proceedings of the Eighteenth IEEE Symposium on Mass Storage Systems and Technologies
Toward Explicit Policy Management for Virtual Organizations
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Standards for databases on the grid
ACM SIGMOD Record
Data integration in a bandwidth-rich world
Communications of the ACM - Blueprint for the future of high-performance networking
Policy and Enforcement in Virtual Organizations
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Dynamic Context-aware Access Control for Grid Applications
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Access-Control Language for Multidomain Environments
IEEE Internet Computing
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
The Biometrics Grid: A Solution to Biometric Technologies
IEEE Distributed Systems Online
A medical diagnostic and treatment advice system for the provision of home care
Proceedings of the 1st international conference on PErvasive Technologies Related to Assistive Environments
Secure Interaction Models for the HealthAgents System
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
A mediation framework for achieving interoperability in pervasive grid-based homecare systems
Proceedings of the 2nd International Conference on PErvasive Technologies Related to Assistive Environments
SAML-based federated authentication and authorization scheme for cross-domain grid services
PDCN '08 Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Networks
Access control management in open distributed virtual repositories and the grid
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
A system for the provision of medical diagnostic and treatment advice in home care environment
Personal and Ubiquitous Computing
Role-based access control for a Grid system using OGSA-DAI and Shibboleth
The Journal of Supercomputing
Shibboleth and community authorization services: enabling role-based grid access
ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part II
| Hi-index | 0.00 |
In this paper, we propose a role-based access control (RBAC) method for Grid database services in Open Grid Services Architecture-Data Access and Integration (OGSA-DAI). OGSA-DAI is an efficient Grid-enabled middleware implementation of interfaces and services to access and control data sources and sinks. However, in OGSA-DAI, access control causes substantial administration overhead for resource providers in virtual organizations (VOs) because each of them has to manage a role-map file containing authorization information for individual Grid users. To solve this problem, we used the Community Authorization Service (CAS) provided by the Globus Toolkit to support the RBAC within the OGSA-DAI framework. The CAS grants the membership on VO roles to users. The resource providers then need to maintain only the mapping information from VO roles to local database roles in the role-map files, so that the number of entries in the role-map file is reduced dramatically. Furthermore, the resource providers control the granting of access privileges to the local roles. Thus, our access control method provides increased manageability for a large number of users and reduces day-to-day administration tasks of the resource providers, while they maintain the ultimate authority over their resources. Performance analysis shows that our method adds very little overhead to the existing security infrastructure of OGSA-DAI.