Distributed Access Control for Grid Environments Using Trust Management Approach

  • Conference paper
Parallel and Distributed Processing and Applications - ISPA 2005 Workshops (ISPA 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3759))

Abstract

In Grid environments, virtual organizations (VOs) often need to define access control policies to govern who can use which resources for which purpose over multiple policy domains. This is challenging, not only because the entities in VOs must collaborate with each other to share resources across administrative domains, but also because VOs usually contain a large number of underlying sites (resource providers) and users. In this paper, we introduce the use of a trust management approach to address these problems in Grid environments. We propose a rule-based policy language (RPL) framework to describe the authorization and delegation policies related to VOs, sites and users. This paper also introduces the design of an enhanced community authorization service (ECAS) based on the RPL framework, which can be seamlessly integrated with local authorization mechanisms. ECAS uses different kinds of delegation policies for flexible collaboration on authorization between entities in VOs. Compared with similar research, ECAS enhances the flexibility and scalability of decentralized authorization in Grid environments.

This work is supported by the Grand Fundamental Research 973 Program of China (No. 2005CB321804), the National Natural Science Foundation under Grant No. 90412011, and the National High Technology Development 863 Program of China (No. 2003AA115210; No. 2004AA112020).

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yin, G., Wang, Hm., Liu, T., Shi, Dx., Chen, Mf. (2005). Distributed Access Control for Grid Environments Using Trust Management Approach. In: Chen, G., Pan, Y., Guo, M., Lu, J. (eds) Parallel and Distributed Processing and Applications - ISPA 2005 Workshops. ISPA 2005. Lecture Notes in Computer Science, vol 3759. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11576259_53

  • DOI: https://doi.org/10.1007/11576259_53

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29770-3

  • Online ISBN: 978-3-540-32115-6

  • eBook Packages: Computer Science (R0)
