Skip to main content
Article thumbnail
Location of Repository

Comparison of advanced authorisation infrastructures for grid computing

By A.J. Stell, R.O. Sinnott and J.P. Watt

Abstract

The widespread use of grid technology and distributed compute power, with all its inherent benefits, will only be established if the use of that technology can be guaranteed efficient and secure. The predominant method for currently enforcing security is through the use of public key infrastructures (PKI) to support authentication and the use of access control lists (ACL) to support authorisation. These systems alone do not provide enough fine-grained control over the restriction of user rights, necessary in a dynamic grid environment. This paper compares the implementation and experiences of using the current standard for grid authorisation with Globus - the grid security infrastructure (GSI) - with the role-based access control (RBAC) authorisation infrastructure PERMIS. The suitability of these security infrastructures for integration with regard to existing grid technology is presented based upon experiences within the JISC-funded DyVOSE project

Topics: QA75
Publisher: IEEE
Year: 2005
OAI identifier: oai:eprints.gla.ac.uk:3560
Provided by: Enlighten

Suggested articles

Citations

  1. (2002). A Community Authorisation Service for Group Collaboration,
  2. (2003). A Comparison of the Akenti and PERMIS Authorization Infrastructures,
  3. (2003). Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML)
  4. Authorisation and Accounting (AAA) Programme Technologies for Information Environment Security (TIES),
  5. (1998). Authorization and Attribute Certificates for Widely Distributed Access Control, doi
  6. (2003). Cardea: Dynamic Access Control in Distributed Systems,
  7. Dynamic Virtual Organisations in e-Science Education project (DyVOSE),
  8. (2003). E.Ball, Role-based Access Control with X.509 Attribute Certificates, doi
  9. (2002). European Datagrid Authorization Working group,
  10. (2004). Experiences using Bridge CAs for Grids, doi
  11. (2004). Grid Security: An Evaluation of Authorisation Infrastructures for Grid Computing, MSc Dissertation, doi
  12. (1995). ISO/IEC 10181-3:1996, Security Frameworks for open systems: Access control framework
  13. (2000). ISO/IEC 9594-8. The Directory: Authentication Framework.
  14. (2001). Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructures,
  15. (2005). Research Informatics Delivered by Grid Enabled Services
  16. Role Management Infrastructure Standards Validation project www.permis.org
  17. (2002). The PERMIS X.509 Role Based Privilege Management Infrastructure, doi
  18. UK e-Science Certification Authority, doi
  19. Virtual Organisation Management, The London E-Science centre,
  20. Virtual Organisations for Trials and Epidemiological Studies project (VOTES),

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.