Dynamic security context management in Grid-based applications
2008 (English)In: Future generations computer systems, ISSN 0167-739X, Vol. 24, no 5, 434-441 p.Article in journal (Refereed) Published
This paper summarises ongoing research and recent results on the development of flexible access control infrastructure for complex resource provisioning in Grid-based collaborative applications and on-demand network services provisioning. The paper analyses the general access control model for Grid-based applications and discusses what mechanisms can be used for expressing and handling dynamic domain or process/workflowrelated security context. Suggestions are given on what specific functionality should be added to the Grid-oriented authorization frameworks to handle such dynamic security context. As an example, the paper explains how such functionality can be achieved in the GAAA Authorization framework (GAAA-AuthZ) and GAAA toolkit. Additionally, the paper describes AuthZ ticket format for extended AuthZ session management. The paper is based on experiences gained from major Grid-based and Grid-oriented projects such as EGEE, Phosphorus, NextGRID, and GigaPort Research on Network.
Place, publisher, year, edition, pages
2008. Vol. 24, no 5, 434-441 p.
dynamic grid services, grid middleware, complex resource provisioning, policy-based access control, authorisation, dynamic security context, authorisation session, generic AAA authorisation framework, globus toolkit authorisation framework
IdentifiersURN: urn:nbn:se:kth:diva-38102DOI: 10.1016/j.future.2007.07.015ISI: 000254813500010ScopusID: 2-s2.0-40249093696OAI: oai:DiVA.org:kth-38102DiVA: diva2:436080
7th IEEE/ACM International Conference on Grid Computing Location: Barcelona, SPAIN Date: SEP 28-29, 2006 2011-08-222011-08-222011-08-22Bibliographically approved