Ticket-based fine-grained authorization service in the dynamic VO environment

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Ticket-based fine-grained authorization service in the dynamic VO environment

Full text

Pdf (468 KB)

Source

Conference on Computer and Communications Security archive
Proceedings of the 2004 workshop on Secure web service table of contents

Fairfax, Virginia

Pages: 29 - 36

Year of Publication: 2004

ISBN:1-58113-973-X

Authors

Byung Joon Kim	Pohang University of Science and Technology (POSTECH), Hyoja-dong, Pohang, Korea
Sung Je Hong	Pohang University of Science and Technology (POSTECH), Hyoja-dong, Pohang, Korea
Jong Kim	Pohang University of Science and Technology (POSTECH), Hyoja-dong, Pohang, Korea

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 1, Downloads (12 Months): 20, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1111348.1111352 What is a DOI?

ABSTRACT

Virtual Organization (VO) is a collection of users and distributed resources, in which resources are shared by users. Creating VOs is very important task in Grid computing. VOs are dynamically created for some goals and then disappear after the goals are achieved. Conventional authorization architectures for the Grid have been proposed in a single VO environment. However, in reality we often need to handle the situation of several dynamically created VOs. Hence, enough fine-grained authorization methods for all the Grid entities such as resource providers, VO manger, and users do not exist under the dynamic VO environment. In this paper, we propose a TAS architecture to support a fine-grained authorization service in a dynamic VO environment. In contrast to the conventional architecture, TAS architecture uses a ticket that is unforgeable and exchangeable among VO entities for resource control.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	I. Foster, C. Kesselman, J. Nick, and S. Tuecke, "The Physioloby of the Grid: An Open Grid Services Architecture for Distributed Systems Integration," Open Grid Service Infrastructure WG (GGF), June 2002.
	2	Ian Foster , Carl Kesselman , Steven Tuecke, The Anatomy of the Grid: Enabling Scalable Virtual Organizations, International Journal of High Performance Computing Applications, v.15 n.3, p.200-222, August 2001 [doi>10.1177/109434200101500302]
	3	I. Foster , C. Kesselman, The Globus Project: A Status Report, Proceedings of the Seventh Heterogeneous Computing Workshop, p.4, March 30-30, 1998
	4	L. Pearlman , V. Welch , I. Foster , C. Kesselman , S. Tuecke, A Community Authorization Service for Group Collaboration, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.50, June 05-07, 2002
	5	M. Thompson, W. Johnston, S. Mudumbai, G. Hoo, K. Jackson, and A. Essiari, "Certificate-based Access Control for Widely Distributed Resources," Proceedings of the 8th USENIX Security Symposium, pp. 215--227, August 1999.
	6	R. Alfieri, R. Cecchini, V. Ciaschini, L. dell'Agnello, Á. Frohner, A. Gianoli, K. Lõrentey and F. Spataro, "VOMS, an Authorization System for Virtual Organizations," European Across Grids Conference, pp. 33--40, 2003.
	7	David W. Chadwick , Alexander Otenko, The PERMIS X.509 role based privilege management infrastructure, Future Generation Computer Systems, v.19 n.2, p.277-289, February 2003 [doi>10.1016/S0167-739X(02)00153-X]
	8	Yun Fu , Jeffrey Chase , Brent Chun , Stephen Schwab , Amin Vahdat, SHARP: an architecture for secure resource peering, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	9	K. Keahey and V. Welch, "Fine-Grain Authorization for Resource Management in the Grid Environment," GGF6, pp. 199--206, 2002.
	10	The Globus Alliance, http://www.globus.org.
	11	Von Welch , Frank Siebenlist , Ian Foster , John Bresnahan , Karl Czajkowski , Jarek Gawor , Carl Kesselman , Sam Meder , Laura Pearlman , Steven Tuecke, Security for Grid Services, Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing (HPDC'03), p.48, June 22-24, 2003
	12	XMS Signature, http://www.w3c.org/Signature.
	13	Ion Stoica , Robert Morris , David Liben-Nowell , David R. Karger , M. Frans Kaashoek , Frank Dabek , Hari Balakrishnan, Chord: a scalable peer-to-peer lookup protocol for internet applications, IEEE/ACM Transactions on Networking (TON), v.11 n.1, p.17-32, February 2003 [doi>10.1109/TNET.2002.808407]
	14	Antony I. T. Rowstron , Peter Druschel, Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems, Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg, p.329-350, November 12-16, 2001
	15	Sylvia Ratnasamy , Paul Francis , Mark Handley , Richard Karp , Scott Schenker, A scalable content-addressable network, Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, p.161-172, August 2001, San Diego, California, United States
	16	Ben Y. Zhao , John D. Kubiatowicz , Anthony D. Joseph, Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and, University of California at Berkeley, Berkeley, CA, 2001
	17	XML Key Management Specification (XKMS), http://www.w3c.org/2001/XKMS/.
	18	Seung-Hyun Kim , Jong Kim , Sung-Je Hong , Sangwan Kim, Workflow-based Authorization Service in Grid, Proceedings of the Fourth International Workshop on Grid Computing, p.94, November 17-17, 2003
	19	J. T. Kohl, B. C. Neuman, and T. Y. T'so, "The evolution of the Kerberos authentication system. In Distributed Open Systems," IEEE Computer Society Press, pp 78--94, 1994.