Managing role-based access control policies for grid databases in OGSA-DAI using CAS

Journal of Grid Computing

Volumn 5, Issue 1, 2007, Pages 65-81

  Pereira, Anil L ^a   Muppavarapu, Vineela ^a   Chung, Soon M ^a  

^a Wright State University   (United States)

Author keywords

Community Authorization Service (CAS); Grid databases; Open Grid Services Architecture Data Access and Integration (OGSA DAI); Role based access control (RBAC); Virtual organization (VO)

Indexed keywords

AUTHENTICATION; DATABASE SYSTEMS; MARKUP LANGUAGES; OPEN SYSTEMS; VIRTUAL REALITY;

DATA ACCESS AND INTEGRATION; OPEN GRID SERVICES ARCHITECTURE; ROLE-BASED ACCESS CONTROL; SECURITY ASSERTION MARKUP LANGUAGE;

GRID COMPUTING;

EID: 34250325533     PISSN: 15707873     EISSN: None     Source Type: Journal    
DOI: 10.1007/s10723-006-9054-4     Document Type: Article

References (24)

1. Foster, I., KesselmEn, C., Tuecke, S.: The anatomy of the Grid: enabling scalable virtual organizations. Int. J. Supercomput. Appl. High Perform. Comput. 15 (3), 200-222 (2001)
2. Foster, I., Kesselman, C., Nick, J.M., Tuecke, S.: Grid services for distributed system integration. IEEE Computer 35 (6), 37-46 (2002)
3. Camarinha-Matos, L.M., Afsarmanesh, H.: A roadmap for strategic research on virtual organizations. In: Proceedings of the 4th IFIP Working Conference on Virtual Enterprises, Lugano, Switzerland, pp. 33-46 (2003)
4. Arenas, A.E., Djordjevic, I., Dimitrakos, T., Titkov, L., et al.: Toward web services profiles for trust and security in virtual organizations. In: Proceedings of the 6th IFIP Working Conference on Virtual Enterprises, Valencia, Spain, pp. 26-28 (2005)
5. Wasson, G., Humphrey, M.: Policy and enforcement in virtual organizations. In: Proceedings of the 4th International Workshop on Grid Computing, Phoenix, Arizona, pp. 125-132 (2003)
6. Wasson, G., Humphrey, M.: Towards explicit policy management for virtual organizations. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, Lake Como, Italy, pp. 173-182 (2003)
7. Malaika, S., Eisenberg, A., Melton, J.: Standards for databases on the Grid. ACM SIGMOD Record 32 (3), 92-100 (2003)
8. Ferraiolo, D., Kuhn, R.: Role-based access control. In: Proceedings of the 15th National Computer Security Conference, Baltimore, MD (1992)
9. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29 (2), 38-47 (1996)
10. Ramaswamy, C., Sandhu, R.S.: Role-based access control features in commercial database management systems. In: Proceedings of the 21st National Information Systems Security Conference, Arlington, VA (1998)
11. Foster, I., Kesselman, C.: The Globus Toolkit. In: Foster, I., Kesselman, C. (eds.) The Grid: Blueprint for a New Computing Infrastructure, pp. 259-278. Morgan Kaufmann, San Francisco, CA (1999)
12. Butler, R., Welch, V., Engert, D., Foster, I., Tuecke, S., Volmer, J., Kesselman, C.: A National-scale authentication infrastructure. IEEE Computer 33 (12), 60-66 (2000)
13. Anjomshoaa, A., Antonioletti, M., Atkinson, M., Baxter, R., Borley, A., et al.: The design and implementation of Grid database services in OGSA-DAI. In: Proceedings of UK e-Science All Hands Meeting, Nottingham, UK (2003)
14. Tuecke, S., Czajkowski, K., Foster, I., Frey, J., Graham, S., Kesselman, C., Vanderbilt, P.: Grid Service Specification, Draft 4. Open Grid Service Infrastructure Working Group, Global Grid Forum (2002)
15. Joshi, J.B.D., Bhatti, R., Bertino, E., Ghafoor, A.: Access-control language for multidomain environments. IEEE Internet Comput. 8 (6), 40-50 (2004)
16. Mayfield, T., Roskos, J.E., Welke, S.R., Boone, J.M.: Integrity in automated information systems. Technical Report, National Computer Security Center (1991)
17. Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community authorization service for group collaboration. In: Proceedings of the 3rd IEEE International Workshop on Policies for Distributed Systems and Networks (2002)
18. Organization for the Advancement of Structured Information Standards (OASIS): Assertions and protocols for the OASIS Security Assertion Markup Language (SAML) V1.1. Available via http://www.oasis-open.org/ committees/tc-home.php?wg-abbrev=security (2003)
19. Ferraiolo, D.F., Barkley, J.F., Kuhn, D.R.: A role-based access control model and reference implementation within a corporate intranet. ACM Trans. Inf. Syst. Secur. 2 (1), 34-64 (1999)
20. Zhang, G., Parasher, M.: Dynamic context-aware access control for Grid applications. In: Proceedings of the 4th International Workshop on Grid Computing, pp. 101-108 (2003)
21. Cannon, S., Chan, S., Olson, D., Tull, C., Welch, V., Pearlman, L.: Using CAS to manage role-based VO sub-groups. In: Proceedings of International Conference for Computing in High Energy and Nuclear Physics (2003)
22. Sandhu, R., Ferraiolo, D.F., Kuhn, D.R.: The NIST model for role based access control: Towards a unified standard. In: Proceedings of the 5th ACM Workshop on Role Based Access Control, Berlin, Germany (2000)
23. Jackson, M., Antonioletti, M., Hong, N. C., Hume, A., Krause, A., Sugden, T., Westhead, M.: Performance analysis of the OGSA-DAI software. In: Proceedings of UK e-Science All Hands Meeting, Nottingham, UK (2004)
24. Yee, K.: Secure interaction design and the principle of least authority. In: Proceedings of Workshop on Human-Computer Interaction and Security Systems, Fort Lauderdale, FL (2003)