论文信息 - Privacy-Preserving Attribute Distribution Mechanism for Access Control in a Grid

Privacy-Preserving Attribute Distribution Mechanism for Access Control in a Grid

This paper presents a privacy-preserving attribute distribution mechanism for an identity federation framework. Attribute-based access control (ABAC) is a highly flexible and scalable access control scheme which can deal with diverse security requirements in Grid environment. However, in ABAC the user attributes delivered by the Identity Providers for authorization decisions may cause some privacy violation. We developed an attribute release control scheme that can improve the privacy protection capability of the current security systems in Grids. The Shibboleth Identity Provider, GridShib, and Globus Toolkit are used for our implementation.

Soon Myoung Chung | Sang M. Park

[1] V. Welch,et al. Attributes , Anonymity , and Access : Shibboleth and Globus Integration to Facilitate Grid Collaboration , 2005 .

[2] I. Foster,et al. Attribute Based Access Control for Grid Computing , 2006 .

[4] John Hughes,et al. Security Assertion Markup Language (SAML) 2.0 Technical Overview , 2004 .