Flexible authentication and authorization architecture for grid computing

The Globus Toolkit makes it very easy and comfortable for grid users to develop and deploy grid services. As for the security mechanism, however, only static authentication and coarse-grained authorization mechanism is provided in current Globus Toolkit. In this paper, we address the limitations of current security mechanism in the Globus Toolkit and propose a new architecture which provides fine-grained and flexible security mechanism which works in dynamic environment. To implement this without modifying existing components, we make use of the aspect-oriented programming technique.

[1]  Ian T. Foster,et al.  Globus: a Metacomputing Infrastructure Toolkit , 1997, Int. J. High Perform. Comput. Appl..

[2]  Steven Tuecke,et al.  Managing security in high‐performance distributed computations , 1998, Cluster Computing.

[3]  Lodewijk Bergmans,et al.  Composing crosscutting concerns using composition filters , 2001, CACM.

[4]  Steven Tuecke,et al.  X.509 Proxy Certificates for Dynamic Delegation , 2004 .

[5]  Ami Marowka,et al.  The GRID: Blueprint for a New Computing Infrastructure , 2000, Parallel Distributed Comput. Pract..

[6]  Dennis G. Kafura,et al.  First experiences using XACML for access control in distributed systems , 2003, XMLSEC '03.

[7]  Steven Tuecke,et al.  The Physiology of the Grid An Open Grid Services Architecture for Distributed Systems Integration , 2002 .

[8]  Ian T. Foster,et al.  A secure communications infrastructure for high-performance distributed computing , 1997, Proceedings. The Sixth IEEE International Symposium on High Performance Distributed Computing (Cat. No.97TB100183).

[9]  Ian Foster,et al.  The Security Architecture for Open Grid Services , 2002 .

[10]  Ian T. Foster,et al.  Security for Grid services , 2003, High Performance Distributed Computing, 2003. Proceedings. 12th IEEE International Symposium on.

[11]  Steven Tuecke,et al.  The Anatomy of the Grid , 2003 .

[12]  Tzilla Elrad,et al.  Aspect-oriented programming: Introduction , 2001, CACM.

[13]  Marty Humphrey,et al.  OGSI.NET: OGSI-compliance on the .NET framework , 2004, IEEE International Symposium on Cluster Computing and the Grid, 2004. CCGrid 2004..

[14]  Ian T. Foster,et al.  The anatomy of the grid: enabling scalable virtual organizations , 2001, Proceedings First IEEE/ACM International Symposium on Cluster Computing and the Grid.

[15]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.