A Multipolicy Authorization Framework for Grid Security

Authors:
Bo Lang;Ian Foster;Frank Siebenlist;Rachana Ananthakrishnan;Tim Freeman
Affiliations:
Argonne National Laboratory, USA;Argonne National Laboratory, USA;Argonne National Laboratory, USA;Argonne National Laboratory, USA;Argonne National Laboratory, USA
Venue:
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Year:
2006

Citing 0
Cited 10

An Approach to Identity Management for Service Centric Systems

ServiceWave '08 Proceedings of the 1st European Conference on Towards a Service-Based Internet
Global-scale peer-to-peer file services with DFS

GRID '07 Proceedings of the 8th IEEE/ACM International Conference on Grid Computing
A trust degree based access control in grid environments

Information Sciences: an International Journal
DPMF: A policy management framework for heterogeneous authorization systems in grid environments

Multiagent and Grid Systems - Content management and delivery through P2P-based content networks
Virtual environments: framework for virtualized resource access in the grid

Euro-Par'06 Proceedings of the CoreGRID 2006, UNICORE Summit 2006, Petascale Computational Biology and Bioinformatics conference on Parallel processing
Semantic-based authorization architecture for Grid

Future Generation Computer Systems
Churn tolerant virtual organization file system for grids

PPAM'09 Proceedings of the 8th international conference on Parallel processing and applied mathematics: Part II
Provenance security guarantee from origin up to now in the e-Science environment

Journal of Systems Architecture: the EUROMICRO Journal
Shibboleth and community authorization services: enabling role-based grid access

ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part II
Grid Authorization Graph

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

A Grid system is a Virtual Organization that is composed of several autonomous domains. Authorization in such a system needs to be flexible and scalable to support multiple security policies. Basing on the Web Services security specifications such as XACML, SAML, and the special security needs of the Grid computing, we have constructed an authorization framework in the Globus Toolkit 4 that can support multiple policies. This paper describes the concepts of our design and introduces the structure and the components of the authorization framework. To show the flexibility and scalability of the framework, we introduce a new blacklist/whitelistbased authorization mechanism that can be seamlessly integrated into the framework.