Dynamic and fine-grained authentication and authorisation for grid computing

The Globus Toolkit makes it very easy and comfortable for grid users to develop and deploy grid service. As for its security mechanism, however, only static authentication and coarse-grained authorisation are provided in the current Globus Toolkit. In this paper we address the limitations of the current security mechanism in the Globus Toolkit and propose a new architecture, which provides a fine-grained and flexible security mechanism. To implement this without modifying existing components, we make use of the Aspect-Oriented Programming technique.

[1]  Ian T. Foster,et al.  The Anatomy of the Grid: Enabling Scalable Virtual Organizations , 2001, Int. J. High Perform. Comput. Appl..

[2]  Tzilla Elrad,et al.  Aspect-oriented programming: Introduction , 2001, CACM.

[3]  Dennis G. Kafura,et al.  First experiences using XACML for access control in distributed systems , 2003, XMLSEC '03.

[4]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[5]  Lodewijk Bergmans,et al.  Composing crosscutting concerns using composition filters , 2001, CACM.

[6]  Steven Tuecke,et al.  The Physiology of the Grid An Open Grid Services Architecture for Distributed Systems Integration , 2002 .

[7]  Ian Foster,et al.  The Security Architecture for Open Grid Services , 2002 .

[8]  Marty Humphrey,et al.  OGSI.NET: OGSI-compliance on the .NET framework , 2004, IEEE International Symposium on Cluster Computing and the Grid, 2004. CCGrid 2004..

[9]  Ian T. Foster,et al.  Security for Grid services , 2003, High Performance Distributed Computing, 2003. Proceedings. 12th IEEE International Symposium on.