Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Dynamic Trust Federation in Grids
KTH, Skolan för datavetenskap och kommunikation (CSC), Centra, Parallelldatorcentrum, PDC. (Parallelldatorcentrum)
Visa övriga samt affilieringar
2006 (Engelska)Ingår i: Trust Management, Proceedings / [ed] Stolen, K; Winsborough, WH; Martinelli, F; Massacci, F, 2006, Vol. 3986, s. 3-18Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Grids are becoming economically viable and productive tools. They provide a way of utilizing a vast array of linked resources such as computing systems, databases and services online within Virtual Organizations (VO). However, today's Grid architectures are not capable of supporting dynamic, agile federation across multiple administrative domains and the main barrier, which hinders dynamic federation over short time scales is security. Federating security and trust is one of the most significant architectural issues in Grids. Existing relevant standards and specifications can be used to federate security services, but do not directly address the dynamic extension of business trust relationships into the digital domain. In this paper we describe an experiment which highlights those challenging architectural issues and forms the basis of an approach that combines a dynamic trust federation and a dynamic authorization mechanism for addressing dynamic security trust federation in Grids. The experiment made with the prototype described in this paper is used in the NextGRID(1) project to define the requirements of next generation Grid architectures adapted to business application needs.

Ort, förlag, år, upplaga, sidor
2006. Vol. 3986, s. 3-18
Serie
Lecture notes in computer science, ISSN 0302-9743 ; 3986
Nationell ämneskategori
Data- och informationsvetenskap
Identifikatorer
URN: urn:nbn:se:kth:diva-9937DOI: 10.1007/11755593_2ISI: 000238108800002Scopus ID: 2-s2.0-33745908270ISBN: 978-3-540-34295-3 (tryckt)OAI: oai:DiVA.org:kth-9937DiVA, id: diva2:159718
Konferens
4th International Conference on Trust Management Location: Pisa, Italy, Date: MAY 16-19, 2006
Anmärkning
QC 20111006Tillgänglig från: 2009-02-10 Skapad: 2009-02-10 Senast uppdaterad: 2018-01-13Bibliografiskt granskad
Ingår i avhandling
1. On-demand Restricted Delegation: A Framework for Dynamic, Context-Aware, Least-Privilege Delegation in Grids
Öppna denna publikation i ny flik eller fönster >>On-demand Restricted Delegation: A Framework for Dynamic, Context-Aware, Least-Privilege Delegation in Grids
2009 (Engelska)Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

In grids, delegation is a key facility that can be used to authenticate and authorize requests on behalf of disconnected users. In current grid systems,delegation is either performed dynamically, in an unrestricted manner, or by a secure but static method. Unfortunately, the former compromises security and the latter cannot satisfy the requirements of dynamic grid application execution. Therefore, development of a delegation framework that enables a restricted and flexible delegation mechanism becomes increasingly urgent as grids are adopted by new communities and grow in size. The main barriers in development of such a mechanism are the requirements for dynamic execution of grid applications, which make it difficult to anticipate required access rights for completing tasks in advance.

Another significant architectural requirement in grids is federated security and trust. A considerable barrier to achieving this is cross-organizational authentication and identification. Organizations participating in Virtual Organizations (VOs) may use different security infrastructures that implement different protocols for authentication and identification; thus, there exists a need to provide an architectural mechanism for lightweight, rapid and interoperable translation of security credentials from an original format to a format understandable by recipients.

This thesis contributes the development of a delegation framework that utilizes a mechanism for determining and acquiring only required rights and credentials for completing a task, when they are needed. This is what we call an on-demand delegation framework that realizes a bottom-up delegation model and provides a just-in-time acquisition of rights for restricted and dynamic delegation.

In this thesis, we further contribute the development of a credential mapping mechanism using off-the-shelf standards and technologies. This mechanism provides support for an on-the-fly exchange of different types of security credentials used by the security mechanisms of existing grids.

Ort, förlag, år, upplaga, sidor
Stockholm: Universitetsservice US AB, 2009. s. xi, 62
Serie
Trita-CSC-A, ISSN 1653-5723 ; 2009:01
Nyckelord
Grid Security, Restricted and Context-Aware Delegation, Delegation Protocol, On-demand Delegation, Dynamic Trust Federation, Grid Interoperability, Credential Mapping
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer
urn:nbn:se:kth:diva-9930 (URN)978-91-7415-219-7 (ISBN)
Disputation
2009-02-16, Sal F3, Flodis, KTH, Linstedsvägen 26, Stockholm, 13:00 (Engelska)
Opponent
Handledare
Anmärkning
QC 20100622Tillgänglig från: 2009-02-09 Skapad: 2009-02-09 Senast uppdaterad: 2018-01-13Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltextScopus

Sök vidare i DiVA

Av författaren/redaktören
Ahsant, MehranMulmo, Olle
Av organisationen
Parallelldatorcentrum, PDC
Data- och informationsvetenskap

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 611 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf