Skip to main content
SpringerLink
Log in

Attribute-Based Access Control for Layered Grid Resources

  • Conference paper
Communication and Networking (FGCN 2010)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 120))

Abstract

Attribute-Based Access Control (ABAC) is a fine-grained and flexible authorization method. In this paper, considering the layered structure of Grid resources, an ABAC model named Grid_ABAC is presented, and the implementation architecture of Grid_ABAC basing on XACML is proposed. The paper also describes the method for integrating Grid_ABAC seamlessly into the authorization framework of the Globus Tloolkit. The test result shows that Grid_ABAC is efficient and provides a more flexible and open access control method for grid computing.

The work was supported by the Hi-Tech Research and Development Program of China under Grant No.2007AA010301, the Foundation of the State Key Laboratory of Software Development Environment under Grant No.SKLSDE-2009ZX-06, and the National Important Research Plan of Infrastructure Software under Grant No.2010ZX01042-002-001-00.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International J. Supercomputer Applications 15(3), 200–222 (2001)

    Article  Google Scholar 

  2. OASIS: eXtensible Access Control Markup Language (XACML) Version 2.0. (2003), http://www.oasis-open.org/committees/xacml

  3. Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B., Goode, M.: Keahey. K.: Identity Federation and Attribute-based Authorization through the Globus Toolkit, Shibboleth, Gridshib, and MyProxy. In: 5th Annual PKI R&D Workshop (2006)

    Google Scholar 

  4. Demchenko, Y., Gommans, L., de Laat, C.: Using SAML and XACML for complex resource provisioning in grid based applications. In: IEEE Workshop on Policies for Distributed Systems and Networks 2007, Bologna, Italy, pp. 183–187 (2007)

    Google Scholar 

  5. Shen, H.: A Semantic- and Attribute-Based Framework for Web Services Access Control. In: 2nd International Workshop on Intelligent Systems and Applications, ISA 2010 (2010)

    Google Scholar 

  6. Yuan, E., Tong, J.: Attribute based access control (ABAC) for Web services. In: The 3rd International Conference on Web Services, pp. 561–569. IEEE Computer Society, Orlando (2005)

    Google Scholar 

  7. Lang, B., Foster, I., Siebenlist, F., Ananthakrishnan, R., Freeman, T.: A Flexible Attribute Based Access Control Method for Grid Computing. Journal of Grid Computing 7, 169–180 (2009)

    Article  Google Scholar 

  8. GT 4.0: Security: Authorization Framework (2004), http://www.globus.org/toolkit/docs/4.0/security/authzframe

Download references

Author information

Authors and Affiliations

  1. State Key Lab of Software Development Environment, Beihang University, Beijing, 100191, China

    Bo Lang, Hangyu Li & Wenting Ni

Authors
  1. Bo Lang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hangyu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenting Ni
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hannam University, Daejeon, South Korea

    Tai-hoon Kim

  2. University of Western Macedonia, Kozani, Greece

    Thanos Vasilakos

  3. Faculty of Information Science and Electrical Engineering, Kyushu University, 6-10-1 Hakozaki, 812-8581, Fukuoka, Japan

    Kouichi Sakurai

  4. The University of Alabama, Tuscaloosa, AL, USA

    Yang Xiao

  5. Sun Yat-sen University, 510275, Guangzhou, P.R. China

    Gansen Zhao

  6. University of Warsaw & Infobright Inc., Poland

    Dominik Ślęzak

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lang, B., Li, H., Ni, W. (2010). Attribute-Based Access Control for Layered Grid Resources. In: Kim, Th., Vasilakos, T., Sakurai, K., Xiao, Y., Zhao, G., Ślęzak, D. (eds) Communication and Networking. FGCN 2010. Communications in Computer and Information Science, vol 120. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17604-3_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-17604-3_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17603-6

  • Online ISBN: 978-3-642-17604-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation