The PERMIS X.509 role based privilege management infrastructure
Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
Automated Decomposition of Access Control Policies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Coordination between Distributed PDPs
POLICY '06 Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks
Pre-execution security policy assessment of remotely defined BPEL-based grid processes
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Hi-index | 0.00 |
Coordinating the cumulative use of distributed resources in a grid environment so that users do not consume too much is a difficult task. This paper presents one approach that we have implemented in Globus Toolkit version 4 (GT4), that uses an SQL database to hold "coordination" data, and policy decision points (PDPs) to make access control decisions about whether the user's request for more resources can be granted or denied. When access is granted, obligations in the policy ensure that the coordination database is appropriately updated. In our initial implementation, the coordination service is imbedded into the GT4 authorization chain as a custom PDP so that any web service can be provided with a security policy that provides a coordination capability. In the final section we describe how coordinated decision making could be more tightly integrated into a future version of GT.