Abstract
As an important aspect of grid security, access control models are receiving more and more attention. Entities in virtual organizations (VOs) must establish a dynamic, secure and cooperative trust mechanism. This paper analyses the cross-organization, dynamic, cooperative and multilevel characteristics of the access control problem in grids, and proposes a novel VO-based access control framework. A multilevel access control model is introduced to meet multilevel requirements, and the concept of delegation is introduced for permission delegation across organizations.
This paper is supported by the ChinaGrid project from the Ministry of Education.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Qiang, W., Jin, H., Shi, X., Zou, D. (2004). A Novel VO-Based Access Control Model for Grid. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004. GCC 2004. Lecture Notes in Computer Science, vol 3251. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30208-7_43
DOI: https://doi.org/10.1007/978-3-540-30208-7_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23564-4
Online ISBN: 978-3-540-30208-7
eBook Packages: Springer Book Archive