Skip to main content
SpringerLink
Log in
Book cover

International Conference on Grid and Cooperative Computing

GCC 2004: Grid and Cooperative Computing - GCC 2004 pp 293–300Cite as

A Novel VO-Based Access Control Model for Grid

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3251))

Abstract

As an important aspect of grid security, access control model gets more and more attention. Entities in virtual organizations (VOs) must establish a dynamic, secure and cooperative trust mechanism. This paper analyses the cross-organization, dynamic, cooperative and multilevel characteristics of access control problem in grid, and proposes a novel VO-based access control framework. The multilevel access control model is introduced for multilevel requirements and delegation concept is also introduced for permission delegation across organizations.

This paper is supported by ChinaGrid project from Ministry of Education.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International Journal of High Performance Computing Applications 15(3), 200–222 (2001)

    Article  Google Scholar 

  2. Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, USA, pp. 83–92 (1998)

    Google Scholar 

  3. Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Computer 29(2) (February 1996)

    Google Scholar 

  4. Ferraiolo, D.F., Sandhu, R., et al.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)

    Article  Google Scholar 

  5. Thomas, R.K.: Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. In: Proceedings of the 2nd ACM workshop on Role-based access control, Fairfax, VA, USA, October 1997, pp. 13–19 (1997)

    Google Scholar 

  6. Wang, W.: Team-and-Role-Based Organizational Context and Access Control for Cooperative Hypermedia Environments. In: Proceeding of ACM Hypertext 1999, Darmstadt, Germany, pp. 37–46 (1999)

    Google Scholar 

  7. Thomas, R.K., Sandhu, R.S.: Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management. In: Proceedings of the IFIP WG11.3 Workshop on Database Security, Lake Tahoe, California (August 1997)

    Google Scholar 

  8. Atluri, V., Huang, W.K.: An authorization model for workflow. In: Proceeding of the Fourth European Symposium on Research in Computer Security, September 1996, pp. 44–64 (1996)

    Google Scholar 

  9. Cohen, E., Thomas, R.K., Winsborough, W., Shands, D.: Models for coalition-based access control (CBAC). In: Proceedings of the seventh ACM symposium on Access control models and technologies, Monterey, CA, USA (June 2002)

    Google Scholar 

  10. Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate- based Access Control for Widely Distributed Resources. In: Proceedings of the Eighth Usenix Security Symposium (August 1999)

    Google Scholar 

  11. Chadwick, D., Otenko, A.: The Permis X.509 Role Based Privilege Management Infrastructure. In: Proceedings of SACMAT 2002 Conference, pp. 135–140. ACM Press, New York (2002)

    Google Scholar 

  12. Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community Authorization Service for Group Collaboration. In: Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)

    Google Scholar 

  13. Keahey, K., Welch, V., Lang, S., Liu, B., Meder, S.: Fine-Grain Authorization Policies in the GRID: Design and Implementation. In: Proceedings of the 1st International Workshop on Middleware for Grid Computing (2003)

    Google Scholar 

  14. Ramakrishnan, L., et al.: An Authorization Framework for a Grid Based Component Architecture. In: Proc. of the 3rd International Workshop on Grid Computing (2002)

    Google Scholar 

  15. Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L., Tuecke, S.: Security for grid services. In: Proceedings of 12th International Symposium on High Performance Distributed Computing (HPDC-12), IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  16. Sandhu, R., Bhamidipati, V., Coyne, E., Ganta, S., Youman, C.: The ARBAC 1997 model for role-based administration of roles: preliminary description and outline. In: Proceedings of the 2nd ACM workshop on Role-based access control, October 1997, pp. 41–50 (1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cluster and Grid Computing Lab, Huazhong University of Science and Technology, Wuhan, 430074, China

    Weizhong Qiang, Hai Jin, Xuanhua Shi & Deqing Zou

Authors
  1. Weizhong Qiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hai Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xuanhua Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Deqing Zou
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Services Computing Technology and System Lab Cluster and Grid Computing Lab School of Computer Science and Technology, Huazhong University of Science and Technology, 430074, Wuhan, China

    Hai Jin

  2. Dept. of CS, Georgia State University, 30302, Atlanta, GA, USA

    Yi Pan

  3. National Laboratory for Parallel and Distributed Processing, NUDT, Changsha, 410073, Hunan, China

    Nong Xiao

  4. Cluster and Grid Computing Lab, Huazhong University of Science and Technology, 430074, Wuhan, China

    Jianhua Sun

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Qiang, W., Jin, H., Shi, X., Zou, D. (2004). A Novel VO-Based Access Control Model for Grid. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004. GCC 2004. Lecture Notes in Computer Science, vol 3251. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30208-7_43

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30208-7_43

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23564-4

  • Online ISBN: 978-3-540-30208-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation