Privacy-Preserving Attribute Distribution Mechanism for Access Control in a Grid
暂无分享,去创建一个
This paper presents a privacy-preserving attribute distribution mechanism for an identity federation framework. Attribute-based access control (ABAC) is a highly flexible and scalable access control scheme which can deal with diverse security requirements in Grid environment. However, in ABAC the user attributes delivered by the Identity Providers for authorization decisions may cause some privacy violation. We developed an attribute release control scheme that can improve the privacy protection capability of the current security systems in Grids. The Shibboleth Identity Provider, GridShib, and Globus Toolkit are used for our implementation.
[1] V. Welch,et al. Attributes , Anonymity , and Access : Shibboleth and Globus Integration to Facilitate Grid Collaboration , 2005 .
[2] I. Foster,et al. Attribute Based Access Control for Grid Computing , 2006 .
[4] John Hughes,et al. Security Assertion Markup Language (SAML) 2.0 Technical Overview , 2004 .