A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Authorization and Attribute Certificates for Widely Distributed Access Control
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
The NetLogger Methodology for High Performance Distributed Systems Performance Analysis
HPDC '98 Proceedings of the 7th IEEE International Symposium on High Performance Distributed Computing
QoS as Middleware: Bandwidth Reservation System Design
HPDC '99 Proceedings of the 8th IEEE International Symposium on High Performance Distributed Computing
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
The Diesel Combustion Collaboratory: combustion researchers collaborating over the Internet
SC '99 Proceedings of the 1999 ACM/IEEE conference on Supercomputing
Towards flexible credential verification in mobile ad-hoc networks
Proceedings of the second ACM international workshop on Principles of mobile computing
A Monitoring Sensor Management System for Grid Environments
Cluster Computing
Collaborative Metacomputing with IceT
The Journal of Supercomputing
Fine-Grain Authorization for Resource Management in the Grid Environment
GRID '02 Proceedings of the Third International Workshop on Grid Computing
Supporting Secure Ad-hoc User Collaboration in Grid Environments
GRID '02 Proceedings of the Third International Workshop on Grid Computing
A Methodology for Account Management in Grid Computing Environments
GRID '01 Proceedings of the Second International Workshop on Grid Computing
A Repository System with Secure File Access for Collaborative Environments
ICCS '01 Proceedings of the International Conference on Computational Sciences-Part I
On Group Communication Systems: Insight, a Primer, and a Snapshot
ICCS '01 Proceedings of the International Conference on Computational Sciences-Part I
Toward Realizable Restricted Delegation in Computational Grids
HPCN Europe 2001 Proceedings of the 9th International Conference on High-Performance Computing and Networking
Certificate Use for Supporting Merging and Splitting of Computational Environments
HPCN Europe 2001 Proceedings of the 9th International Conference on High-Performance Computing and Networking
Grid Computing: Enabling a Vision for Collaborative Research
PARA '02 Proceedings of the 6th International Conference on Applied Parallel Computing Advanced Scientific Computing
A Knowledge-Based Approach to Internet Authorizations
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
XML-Based Distributed Access Control System
EC-WEB '02 Proceedings of the Third International Conference on E-Commerce and Web Technologies
A Practical Distributed Authorization System for GARA
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Framework for Authentication and Access Control of Client-Server Group Communication Systems
NGC '01 Proceedings of the Third International COST264 Workshop on Networked Group Communication
Secure Content Distribution for Digital Libraries
ICADL '02 Proceedings of the 5th International Conference on Asian Digital Libraries: Digital Libraries: People, Knowledge, and Technology
Access Control Infrastructure for Digital Objects
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Interoperable Web services for computational portals
Proceedings of the 2002 ACM/IEEE conference on Supercomputing
Computational grids in action: the national fusion collaboratory
Future Generation Computer Systems - Grid computing: Towards a new computing infrastructure
Computational and data Grids in large-scale science and engineering
Future Generation Computer Systems - Grid computing: Towards a new computing infrastructure
On context in authorization policy
Proceedings of the eighth ACM symposium on Access control models and technologies
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
InfoGram: A Grid Service that Supports Both Information Queries and Job Execution
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
Integrating PMI services in CORBA applications
Computer Standards & Interfaces - CORBA: protocols, applications, process models and standards
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
WebDAVA: An Administrator-Free Approach To Web File-Sharing
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
An XACML-based Policy Management and Authorization Service for Globus Resources
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Workflow-based Authorization Service in Grid
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Authentication and access delegation with user-released certificates
Proceedings of the 2003 ACM symposium on Applied computing
A unified security framework for networked applications
Proceedings of the 2003 ACM symposium on Applied computing
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
Towards multilateral secure digital rights distribution infrastructures
Proceedings of the 5th ACM workshop on Digital rights management
Ticket-based fine-grained authorization service in the dynamic VO environment
SWS '04 Proceedings of the 2004 workshop on Secure web service
On classifying access control implementations for distributed systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
PKI-based secure mobile access to electronic health services and data
Technology and Health Care
A survey of autonomic communications
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Kerberized credential translation: a solution to web access control
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Ad Hoc Grid Security Infrastructure
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Resource management for global public computing: many policies are better than (n)one
WORLDS'06 Proceedings of the 3rd conference on USENIX Workshop on Real, Large Distributed Systems - Volume 3
Kerberized credential translation: a solution to web access control
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Connecting Grids Using Communication Satellites
International Journal of High Performance Computing Applications
RB-GACA: an RBAC based grid access control architecture
International Journal of Grid and Utility Computing
On the design, implementation and application of an authorisation architecture for web services
International Journal of Information and Computer Security
Path-Based Access Control for Enterprise Networks
ISC '08 Proceedings of the 11th international conference on Information Security
Fine-grained access control for GridFTP using SecPAL
GRID '07 Proceedings of the 8th IEEE/ACM International Conference on Grid Computing
Achieving DRBAC Authorization in Multi-trust Domains with MAS Architecture and PMI
Agent Computing and Multi-Agent Systems
Dynamic mandatory access control for multiple stakeholders
Proceedings of the 14th ACM symposium on Access control models and technologies
Managing information access controls in digital ecosystems environments
ICAI'09 Proceedings of the 10th WSEAS international conference on Automation & information
Digital ecosystem access control management
WSEAS Transactions on Information Science and Applications
Building the PolarGrid portal using web 2.0 and OpenSocial
Proceedings of the 5th Grid Computing Environments Workshop
Implementation of an agent-oriented trust management infrastructure based on a hybrid PKI model
iTrust'03 Proceedings of the 1st international conference on Trust management
Outdoor distributed computing with split smart messages
Proceedings of the 12th Monterey conference on Reliable systems on unreliable networked platforms
Security requirements analysis for large-scale distributed file systems
Euro-Par'06 Proceedings of the CoreGRID 2006, UNICORE Summit 2006, Petascale Computational Biology and Bioinformatics conference on Parallel processing
A privacy-enhanced attribute-based access control system
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Resource management with X.509 inter-domain authorization certificates (InterAC)
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
A dynamic security framework for ambient intelligent systems: a smart-home based eHealth application
Transactions on computational science X
Assured resource sharing in Grid environments
International Journal of Information and Computer Security
Distributed mechanism for protecting resources in a newly emerged digital ecosystem technology
ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part II
A distributed mechanism for secure collaboration in digital ecosystems
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
A novel authorization mechanism for service-oriented virtual organization
ISCIS'05 Proceedings of the 20th international conference on Computer and Information Sciences
VO-sec: an access control framework for dynamic virtual organization
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
GPC'10 Proceedings of the 5th international conference on Advances in Grid and Pervasive Computing
A fine-grained and x.509-based access control system for globus
ODBASE'06/OTM'06 Proceedings of the 2006 Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, DOA, GADA, and ODBASE - Volume Part II
Semantic access control model: a formal specification
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A standards-based interoperable single sign-on framework in ARC Grid middleware
Journal of Network and Computer Applications
Development of a grid infrastructure for functional genomics
LSGRID'04 Proceedings of the First international conference on Life Science Grid
A semantic approach for access control in web services
EuroWeb'02 Proceedings of the 2002 international conference on EuroWeb
A policy-based decentralized authorization management framework for cloud computing
Proceedings of the 27th Annual ACM Symposium on Applied Computing
End-to-end quality of service for high-end applications
Computer Communications
Journal of Network and Computer Applications
Hi-index | 0.00 |
We have implemented and deployed an access control mechanism that uses digitally-signed certificates to define and enforce an access policy for a set of distributed resources that have multiple, independent and geographically dispersed stakeholders. The stakeholders assert their access requirements in use-condition certificates and designate those trusted to attest to the corresponding user attributes. Users are identified by X.509 identity certificates. During a request to use a resource, a policy engine collects all the relevant certificates and decides if the user satisfies all the requirements. This paper describes the model, architecture and implementation of this system. It also includes some preliminary performance measurements and our plans for future development of the system.