Skip to main content

Security Architecture for Open Collaborative Environment

  • Conference paper
Advances in Grid Computing - EGC 2005 (EGC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3470))

Included in the following conference series:

Abstract

The paper presents proposed Security Architecture for Open Collaborative Environment (OCE) being developed in the framework of the Collaboratory.nl (CNL) project with the intent to build a flexible, customer-driven security infrastructure for open collaborative applications. The architecture is based on extended use of emerging Web Services and Grid security technologies combined with concepts from the generic Authentication Authorization and Accounting (AAA) and Role-based Access Control (RBAC) frameworks. The paper describes another proposed solution the Job-centric security model that uses a Job description as a semantic document created on the basis of the signed order (or business agreement) to provide a job-specific context for invocation of the basic OCE security services. Typical OCE use case of policy based access control is discussed in details.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Security in a Web Services World: A Proposed Architecture and Roadmap, Version 1.0, A joint security whitepaper from IBM Corporation and Microsoft Corporation. April 7 (2002), http://www-106.ibm.com/developerworks/library/ws-secmap/

  2. The Open Grid Services Architecture, Version 1.0, July 12 (2004), http://www.gridforum.org/Meetings/GGF12/Documents/draft-ggf-ogsa-specv1.pdf

  3. de Laat, Gross, G., Gommans, L., Vollbrecht, J., Spence, D.: RFC 2903, Experimental, Generic AAA Architecture (August 2000), ftp://ftp.isi.edu/in-notes/rfc2903.txt

  4. Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., Gross, G., de Bruijn, B., de Laat, C., Holdrege, M., Spence, D.: RFC 2904, Informational, AAA Authorization Framework (August 2000), ftp://ftp.isi.edu/in-notes/rfc2904.txt

  5. Role Based Access Control (RBAC) – NIST (April 2003), http://csrc.nist.gov/rbac/

  6. eXtensible Access Control Markup Language (XACML) Version 1.0 - OASIS Standard (February 2003), http://www.oasis-open.org/committees/download.php/2406/oasis-xacml-1.0.pdf

  7. Keahey, K., Welch, V.: Fine-Grain Authorization for Resource Management in the Grid Environment, http://www.fusiongrid.org/research/papers/grid2002.pdf

  8. Lorch, M., Kafura, D., Shah, S.: An XACML-based Policy Management and Authorization Service for Globus Resources. Grid 2003, November 17 (2003), http://zuni.cs.vt.edu/publications/grid-authz-policy-mgmt-wip03.ps

  9. Web Services Architecture, W3C Working Draft, August 8 (2003), http://www.w3.org/TR/ws-arch/

  10. Web Services Security Framework by OASIS, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss

  11. Security Assertion Markup Language (SAML) v1.0 - OASIS Standard (November 2002), http://www.oasis-open.org/committees/documents.php?wg_abbrev=security

  12. A grammar for Policies in a Generic AAA Environment, http://www.ietf.org/internet-drafts/draft-irtf-aaaarch-generic-policy-03.txt

  13. Web Services Policy Framework (WS-Policy). Version 1.1, http://msdn.microsoft.com/ws/2002/12/Policy/

  14. Web Services Policy Attachment (WS-PolicyAttachment). Version 1.1, http://msdn.microsoft.com/ws/2002/12/PolicyAttachment/

  15. XACML profile for Web-services (WSPL), http://www.oasis-open.org/committees/download.php/3661/draft-xacml-wspl-04.pdf

  16. Web Services Federation Language (WS-Federation) Version 1.0, July 8 (2003), http://msdn.microsoft.com/ws/2003/07/ws-federation/

  17. Liberty Alliance Phase 2 Final Specifications, http://www.projectliberty.org/specs/

  18. Yu, D.: Virtual Organisations in Computer Grids and Identity Management. Elsevier Information Security Technical Report 9(1), 59–76 (2004)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Demchenko, Y. et al. (2005). Security Architecture for Open Collaborative Environment. In: Sloot, P.M.A., Hoekstra, A.G., Priol, T., Reinefeld, A., Bubak, M. (eds) Advances in Grid Computing - EGC 2005. EGC 2005. Lecture Notes in Computer Science, vol 3470. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11508380_60

Download citation

  • DOI: https://doi.org/10.1007/11508380_60

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26918-2

  • Online ISBN: 978-3-540-32036-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics