Abstract
Access control is the field of security which deals with permissions to access resources, where resources may be computing power, storage capacity and data. On the other hand computational grids are systems, where users share those resources in a mostly transparent way. Grid access control poses novel challenges, since the distributed nature of grids make it difficult to manage access control by a central authority. Numerous overlapping domains with different access control policies exist and the sharing of storage resources makes it possible that data leaves the domain of its owner. To enable the owner to enforce his access control policy in such cases, access control solutions adapted to grid environments are needed. In this article we introduce Semantic Access Certificates as an extension to existing access control solutions for grids, to solve some problems that arise when grids are used to process medical data.
This work is partly supported by the Région Rhône-Alpes and the French ministry for research ACI-GRID project (http://www-sop.inria.fr/aci/grid/public/)
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Foster, I., Kesselman, C. (eds.): The Grid Blueprint for a New Computing Infrastructure. Morgan Kaufmann Publishers, Inc., San Francisco (1999)
European Data Grid: The datagrid project (2001), http://eu-datagrid.web.cern.ch/eudatagrid/
Cactus Community: The cactus code (2002), http://www.cactuscode.org/
National Institute of Advanced Industrial Science and Technology: Grid technology research center (2002), http://www.aist.go.jp/
MEDIGRID: Medical data storage and processing on the GRID. http://creatiswww.insa-lyon.fr/MEDIGRID (2002)
University of Manchester: Manchester Visualization Centre: ix-grid (2002), http://www.sve.man.ac.uk/mvc/Research/iX-Grid/
Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A security architecture for computational grids. In: Proceedings of the 5th ACM Conference on Computer and Communications Security Conference, pp. 83–92 (1998)
Ferrari, A., Knabe, F., Humphrey, M., Chapin, S., Grimshaw, A.: A flexible security system for metacomputing environments. In: Proceedings of the High Performance Computing and Networking conference 99, HPCN 1999 (1999)
Nemeth, E., Snyder, G., Seebass, S., Hein, T.: UNIX System Administration Handbook, 3rd edn. Prentice Hall PTR, Englewood Cliffs (2000)
Lampson, B.: Protection. In: Proc. of the 5th Princeton Conf. on Information Sciences and Systems, Princeton (1971); Reprinted in ACM Operating Systems Rev. 8(1), 18–24 (1974)
Sandhu, R.: Role-based access control. In: Sandhu, R. (ed.) Advances in Computers, vol. 46, Academic Press, London (1998)
Yao, W., Moody, K., Bacon, J.: A Model of OASIS Role-Based Access Control and its Support for Active Security. In: Proceedings of Sixth ACM Symposium on Access Control Models and Technologies, SACMAT, pp. 171–181 (2001)
Bacon, J., Moody, K., Yao, W.: Access Control and Trust in the use of Widely Distributed Services. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, pp. 295–310. Springer, Heidelberg (2001)
Condor Team of the University of Wisconsin: Condor, high troughput computing (1988), http://www.cs.wisc.edu/condor/
Legion Research Group of the University of Virginia: Legion, a worldwide virtual computer (1993), http://legion.virginia.edu/
Globus Project: Globus toolkit (1998), http://www.globus.org/
Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A community authorization service for group collaboration. In: Proceedings of the 2002 IEEE Workshop on Policies for Distributed Systems and Networks (2002)
Kohl, J., Neuman, C.: The Kerberos Network Authentication Service (V5). Technical report, The Internet Engineering Task Force IETF (1993), http://www.ietf.org/rfc/rfc1510.txt
UMLS: Unified medical language system, http://www.nlm.nih.gov/research/umls/
Bester, J., Foster, I., Kesselman, C., Tedesco, J., Tuecke, S.: Gass: A data movement and access service for wide area computing systems. In: Proceedings of the Sixth Workshop on I/O in Parallel and Distributed Systems (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Seitz, L., Pierson, JM., Brunie, L. (2003). Semantic Access Control for Medical Applications in Grid Environments. In: Kosch, H., Böszörményi, L., Hellwagner, H. (eds) Euro-Par 2003 Parallel Processing. Euro-Par 2003. Lecture Notes in Computer Science, vol 2790. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45209-6_56
Download citation
DOI: https://doi.org/10.1007/978-3-540-45209-6_56
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40788-1
Online ISBN: 978-3-540-45209-6
eBook Packages: Springer Book Archive