Name
Abstract | ||
|---|---|---|
This paper describes the design and development of a flexible, customer-driven, security infrastructure for Gridbased Collaborative Environments. The paper proposes further development of the access control model built around a service or resource provisioning agreement (e.g., an experiment or project) that is used as a basis for an instant access control policy definition and virtual association of users and resources. Workflow management technology is considered as a solution for dynamic security context management during the lifetime of an experiment. The paper analyses the required functionality and suggests extensions to the generic AAA Authorisation framework in order to support complex collaboration scenarios in dynamic virtualised environments. The paper provides implementation details on the use of XACML for fine-grained access control policy definition for complex resources and team-based role management, and SAML for secure credentials exchange. In addition, the paper discusses how the Virtual Organisations (VO) concept can be used for experiment-based dynamic security association management. The proposed technical solutions are intended to be compatible and interoperable with the current implementation of the Grid security middleware in the Globus Toolkit and gLite. The paper is based on experiences gained from major Grid-based and Gridoriented projects in collaborative applications and complex resource provisioning. |
Year | DOI | Venue |
|---|---|---|
2006 | 10.1109/CTS.2006.59 | Information & Computation |
Keywords | Field | DocType |
experiment-based dynamic security association,dynamic security context management,saml,policy-based access control,workflow management technology,grid security middleware,xacml,grid-based collaborative environment,workflow,access control,rbac,paper discusses,security infrastructure,complex resource,access control model,team-based role management,dynamic grid-based collaborative environment,complex collaboration scenario,collaboration,resource management,web services,authorization,middleware,technology management,security | Resource management,Software engineering,Computer security,Computer science,Role-based access control,Provisioning,Security association,XACML,Access control,Workflow,Technology management,Distributed computing | Conference |
ISBN | Citations | PageRank |
0-9785699-0-3 | 12 | 1.49 |
References | Authors | |
1 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yuri Demchenko | 1 | 425 | 57.41 |
| Leon Gommans | 2 | 245 | 31.45 |
| Andrew Tokmakoff | 3 | 86 | 11.42 |
| Rene van Buuren | 4 | 31 | 4.23 |