Fine-grain access control for securing shared resources in computational grids

Proceedings - International Parallel and Distributed Processing Symposium, IPDPS 2002

Volumn , Issue , 2002, Pages 206-213

  Butt, A R ^a   Adabala, S ^a   Kapadia, N H ^a   Figueiredo, R ^b   Fortes, J A B ^c  

^a PURDUE UNIVERSITY   (United States)

^b NORTHWESTERN UNIVERSITY   (United States)

^c UNIVERSITY OF FLORIDA   (United States)

Author keywords

access control; grid environments; grid security; Unix access model

Indexed keywords

EID: 4143113268     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IPDPS.2002.1015496     Document Type: Conference Paper

References (29)

1. N. S. A. Baratloo and T. Tsai. Transparent run-time defense against stack smashing attacks. In Proceedings of the USENIX Annual Technical Conference, pages 207-233 June 2000.
2. S. Adabala, A. R. Butt, R. J. Figueiredo, N. H. Kapadia, and J. A. B. Fortes. Security implications of making computing resources available via computational grids. Technical Report TR-ECE01-2, Purdue University, West Lafayette, IN, September 2001.
3. A. D. Alexandrov, M. Ibel, K. E. Schauser, and C. J. Scheiman. Ufo: A personal global file system based on user-level extensions to the operating system, volume 16, pages 207-233, August 1998.
4. A. Bayucan, R. L. Henderson, C. Lesiak, B. Mann, T. Proett, and D. Tweten. Portable batch system: External reference specification. Technical report, MRJ Technology Solutions, November 1999.
5. Distributed Computing Technologies Inc. http://www.distributed.net
6. Entropia Inc. http://www.entropia.com
7. EROS-OS. Comparing ACLs and Capabilities http://www.eros-os.org/essays/aclsvcaps.html
8. S. E. Fagan. Tracing bsd system calls. Dr. Dobb's Journal, pages 38-43, 03 1998.
9. S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff. A sense of self for Unix processes. In Proceedinges of the 1996 IEEE Symposium on Research in Security and Privacy, pages 120-128, 1996.
10. I. Foster and C. Kesselman. Globus: A metacomputing infrastructure toolkit. The International Journal of Supercomputer Applications and High Performance Computing, 11(2):115-128, Summer 1997.
11. I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A secure environment for untrusted helper applications: Confining the wily hacker. In Proceedings of the 6th Usenix Security Symposium, San Jose, Ca., 1996.
12. L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers. Going beyond the sandbox: An overview of the new security architecture in the java development kit 1.2. In USENIX Symposium on Internet Technologies and Systems, 1997.
13. IBM Corporation. White Paper: S/390 Virtual Image Facility for Linux, Guide and Reference. GC24-5930-03, February 2001.
14. M. B. Jones. Interposition agents: Transparently interposing user code at the system interface. In Symposium on Operating Systems Principles, pages 80-93, 1993.
15. N. H. Kapadia, R. J. Figueiredo, and J. A. B. Fortes. Enhancing the scalability and usability of computational grids via logical user accounts and virtual file systems. In Heterogeneous Computing Workshop at IPDPS, April 2001.
16. N. H. Kapadia, R. J. Figueiredo, and J. A. B. Fortes. Punch: Web portal for running tools. In IEEE Micro, May-June 2000.
17. C. Ko, M. Ruschitzka, and K. Levitt. Execution monitoring of security-critical programs in a distributed system: A specification-based approach. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, Oakland, California, 1997.
18. M. J. M. J. Litzkow, M. Livny, and M. W. Mutka. Condor - A hunter of idle workstations. In Proceedings of the 8th International Conference on Distributed Computing Systems (ICDCS), pages 104-111, Washington, DC, 1988.
19. B. P. Miller, M. Christodorescu, R. Iverson, T. Kosar, A. Mirgorodskii, and F. Popovici. Playing inside the black box: Using dynamic instrumentation to create security holes. Parallel Processing Letters, 11(2,3):267-280, 2001.
20. G. C. Necula and P. Lee. Safe kernel extensions without run-time checking. In USENIX, editor, 2nd Symposium on Operating Systems Design and Implementation (OSDI '96), October 28-31, 1996. Seattle, WA, pages 229-243, Berkeley, CA, USA, 1996.
21. H. Patil and C. N. Fischer. Efficient run-time monitoring using shadow processing. In Automated and Algorithmic Debugging, pages 119-132, 1995.
22. J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278-1308, 1975.
23. SETI Institute Online http://www.seti-inst.edu/science/setiathome.html
24. Sun (tm) Microsystems Sun Grid Engine http://www.sun.ca/software/gridware/
25. G. Vigna, editor. Mobile Agents and Security, volume 1419 of LNCS. Springer-Verlag, June 1998.
26. VMware Incorporated. VMware GSX Server , 2000.
27. D. Wagner and D. Dean. Intrusion detection via static analysis. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, May 2001.
28. D. A. Wagner. Janus: an approach for confinement of untrusted applications. Technical Report CSD-99-1056, 12, 1999.
29. R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Software fault isolation. In Fourteenth ACM Symposium on Operating System Principles, volume 27, pages 203-216, December 1993.