Security and dynamics in customer controlled virtual workspace organisation
Proceedings of the 16th international symposium on High performance distributed computing
Multi-domain lightpath authorization, using tokens
Future Generation Computer Systems
Proceedings of the 6th international workshop on Middleware for grid computing
Authorization control in collaborative healthcare systems
Journal of Theoretical and Applied Electronic Commerce Research
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Authorization in cross-border eHealth systems
Information Systems Frontiers
| Hi-index | 0.00 |
This paper presents ongoing research and current results on the development of flexible access control infrastructure for complex resource provisioning (CRP) in Grid-based applications. The paper proposes a general CRP model and specifies major requirements to the Authorisation (AuthZ) service infrastructure to support multidomain CRP, focusing on two main issues -- policy expression for complex resource models and AuthZ session support. The paper provides suggestions about using XACML and its special profiles to describe access control policies to complex resources and briefly describes proposed XML based AuthZ ticket format to support extended AuthZ session context. Additionally, the paper discusses what specific functionality can be added to the gLite Java Authorisation Framework (gJAF), to handle dynamic security context including AuthZ session support. The paper is based on experiences gained from major Grid based and Grid oriented projects such as EGEE, Phosphorus and GigaPort Research on Network.