The grid problem is how to enable coordinated resources sharing and problem solving in dynamic, multi-institutional cross organizations called Virtual Organizations (VOs) that collect a large number of nodes grouped into grid sites. An overlay of policies governs access within a collaboration that is granted to users by a VO and by a site to VOs, nodes and users through site admission-control policies. Most resources consist of web applications and web services shared by a site that is part of a VO. The paper proposes an analysis of web application security by referring to XML-based applications accessed through a grid system. The different organizational domains involved transfer security from grid-wide to the VO level, and from the site and machine to the application level in order to allow local control to be retained.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Kenneth P. Birman, Reliable Distributed Systems: Technologies, Web Services, and Applications, Springer-Verlag New York, Inc., Secaucus, NJ, 2005
	2	Thomas Erl, Service-Oriented Architecture: A Field Guide to Integrating XML and Web Services, Prentice Hall PTR, Upper Saddle River, NJ, 2004
	3	Ian Foster , Carl Kesselman, The Grid 2: Blueprint for a New Computing Infrastructure, Morgan Kaufmann Publishers Inc., San Francisco, CA, 2003
	4	Volpato, A., Taffoni, G., Pastore, S., Vuerli, C., Baruffolo, A., Smareglia, R., Castelli, G., Pasian, F. Benacchio, L., Ambrosi, E., Ghiselli, A., "Astronomical database related applications in the Grid. it project", Proceedings of Astronomical Data Analysis Software & System (ADASS XIV), ASP Conference Series, Vol. XXX, 2005, P. L. Shopbell, M. C. Britton, and R. Ebert, eds., pp.13--15.
	5	Mark Curphey , Rudolph Araujo, Web Application Security Assessment Tools, IEEE Security and Privacy, v.4 n.4, p.32-41, July 2006  [doi>10.1109/MSP.2006.108]
	6	Ian Foster , Carl Kesselman , Gene Tsudik , Steven Tuecke, A security architecture for computational grids, Proceedings of the 5th ACM conference on Computer and communications security, p.83-92, November 02-05, 1998, San Francisco, California, United States  [doi>10.1145/288090.288111]
	7	EGEE JRA3 team, EGEE Global Security Architecture for web and legacy services, EU Deliverable DJRA3.1, EGEE-JRA3-TEC-487004-DJRA3.1-v1-1, 2004
	8	R. Alfieri , R. Cecchini , V. Ciaschini , Luca dell'Agnello , Á Frohner , K. Lőrentey , F. Spataro, From gridmap-file to VOMS: managing authorization in a Grid environment, Future Generation Computer Systems, v.21 n.4, p.549-558, April 2005  [doi>10.1016/j.future.2004.10.006]
	9	EGEE JRA1 team, EGEE Middleware architecture, EU deliverable DJRA1.4, EGEE-DJRA1.1-594698-v1.0, 2004.
	10	Carlisle Adams , Steve Lloyd, Understanding PKI: Concepts, Standards, and Deployment Considerations, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2002
	11	IETF Internet X.509 PKI Proxy Certificate Profile, RFC 3820, at url: http://www.ietf.org/rfc/rfc3820.txt
	12	S. Farrell , R. Housley, An Internet Attribute Certificate Profile for Authorization, RFC Editor, 2002
	13	Cornwall, L., Jensen, J., Kelsey, D. P., Frohner, A., Kouril, D., Bonnassieux, F., Nicoud, S., Lörentey, K., Hahkala, J., Silander, M., Cecchini, R., Ciaschini, V. Dell'Agnello, L., Spataro, F., O'Callaghan, D., Mulmo, O., Volpato, G. L., Groep, D. L., Steenbakkers, M., McNab, A., "Authentication and Authorization Mechanisms for Multi-Domain Grid Environments". Journal of Grid Computing 2(4): 301--311.
	14	OASIS Web Services Security (WSS) TC, at url: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss
	15	OASIS Security Services The Security Assertion Markup Language (SAML) TC, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security