GridShib and PERMIS integration

Campus-Wide Information Systems

Volumn 23, Issue 4, 2006, Pages 297-308

  Chadwick, D W ^a   Novikov, A ^a   Otenko, A ^a  

^a UNIVERSITY OF KENT   (United Kingdom)

Author keywords

Computer software; Control; Decision making

Indexed keywords

EID: 33748679116     PISSN: 10650741     EISSN: None     Source Type: Journal    
DOI: 10.1108/10650740610704153     Document Type: Article

References (24)

1. Alfieri, R., Cecchini, R., Ciaschini, V., dell'Agnello, L., Frohner, Á., Gianoli, A., Lörentey, K. and Spataro, F. (2003), "VOMS: an authorization system for virtual organizations", paper presented at 1st European Across Grids Conference, Santiago de Compostela.
2. Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B. and Keahey, K. (2006), "Identity federation and attribute-based authorization through the globus toolkit, Shibboleth, Gridshib, and MyProxy", paper presented at 5th Annual PKI R&D Workshop (to appear).
3. Chadwick, D.W. (2001), "An X.509 role based privilege management infrastructure", Business Briefing - Global InfoSecurity 2002, World Markets Research Centre Ltd.
4. Chadwick, D.W. (2006), "Authorisation using attributes from multiple authorities", Proceedings of 15th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WET ICE 2006), pp. 26-8, June 2006, Manchester.
5. Chadwick, D.W. and Otenko, A. (2002), "RBAC policies in XML for X.509-based privilege management", Proceedings of IFIP 17th International Conference on Information Security (SEC 2002), Kluwer Academic, Dordrecht, pp. 39-53.
6. Chadwick, D.W. and Otenko, A. (2003), "The PERMIS X.509 role based privilege management infrastructure", Future Generation Computer Systems, Vol. 19 No. 2, pp. 277-89.
7. Erdos, M. and Cantor, S. (2005), "Shibboleth-architecture DRAFT v05", available at: http://shibboleth.internet2.edu/docs/draft-internet2-shibboleth-arch-v05.pdf.
8. Foster, I. (2005), "Globus toolkit version 4: software for service-oriented systems", paper presented at IFIP International Conference on Network and Parallel Computing, Springer, New York, NY, pp. 2-13, LNCS 3779.
9. Foster, I. and Kesselman, C.A. (Eds) (2004), The Grid 2: Blueprint for a New Computing Infrastructure, Morgan Kaufmann, San Mateo, CA.
10. Foster, I., Kesselman, C. and Tuecke, S. (2001), "The anatomy of the grid: enabling scalable virtual organizations", International Journal of High Performance Computing Applications, Vol. 15 No. 3, pp. 200-22.
11. Freeman, T. and Ananthakrishnan, R. (2005), "Authorization processing for globus toolkit Java web services", IBM Developer Works, available at: www-128.ibm.com/developerworks/grid/library/gr-gt4auth/.
12. Hodges, J. and Morgan, R. (2002), "Lightweight directory access protocol (v3): technical specification", RFC 3377, September.
13. ISO 9594-8/ITU-T Rec. X.509 (2001), The Directory: Public-Key and Attribute Certificate Frameworks.
14. Maler, E., Mishra, P. and Philpott, R. (2003), "Bindings and profiles for the OASIS security assertion markup language (SAML) v1.1", OASIS, available at: www.oasis-open.org/committees/download.php/3405/oasis-sstc-saml-bindings-1.1. pdf.
15. Morgan, R.L., Cantor, S., Carmody, S., Hoehn, W. and Klingenstein, K. (2004), "Federated security: the Shibboleth approach", EDUCAUSE Quarterly, Vol. 27 No. 4, pp. 4-6.
16. SAML (2005), Specification, Security Association Markup Language, available at: www.oasis-open.org/committees/1security/.
17. Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K. and Essiari, A. (1999), "Certificate-based access control for widely distributed resources", paper presented at 8th Usenix Security Symposium.
18. Tuecke, S., Welch, V., Engert, D., Pearlman, L., Thompson, M. and Internet, X. (2004), "Internet X.509 public key infrastructure (PKI) proxy certificate profile", RFC 3820, June.
19. Wahl, M., Coulbeck, A., Howes, T. and Kille, S. (1997), "Lightweight directory access protocol (v3): attribute syntax definitions", RFC 2252, December.
20. Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L. and Tuecke, S. (2003), "Security for grid services", paper presented at 12th IEEE International Symposium on High Performance Distributed Computing.
21. Welch, V., Foster, I., Kesselman, C., Mulmo, O., Pearlman, L., Tuecke, S., Gawor, J., Meder, S. and Siebenlist, F. (2004a), "X.509 proxy certificates for dynamic delegation", Proceedings of 3rd Annual PKI R&D Workshop.
22. Welch, V., Siebenlist, F., Chadwick, D., Meder, S. and Pearlman, L. (2004b), "Use of SAML for OGSA authorization", paper presented at Global Grid Forum.
23. Welch, V. (Ed.) (2005a), "Globus toolkit version 4 grid security infrastructure: a standards perspective", available at: www.globus.org/toolkit/docs/4.0/security/GT4-GSI-Overview.pdf.
24. Welch, V., Barton, T., Keahey, K. and Siebenlist, F. (2005b), "Attributes, anonymity, and access: Shibboleth and Globus integration to facilitate grid collaboration", Proceedings of 4th Annual PKI R&D Workshop.