Security for Grid services

Proceedings of the IEEE International Symposium on High Performance Distributed Computing

Volumn 2003-January, Issue , 2003, Pages 48-57

  Welch, Von ^a   Siebenlist, Frank ^b   Foster, Ian ^a,b   Bresnahan, John ^b   Czajkowski, Karl ^c   Gawor, Jarek ^b   Kesselman, Carl ^c   Meder, Sam ^a   Pearlman, Laura ^c   Tuecke, Steven ^b  

^a THE UNIVERSITY OF CHICAGO   (United States)

^b ARGONNE NATIONAL LABORATORY   (United States)

^c UNIVERSITY OF SOUTHERN CALIFORNIA   (United States)

Author keywords

Computer network management; Computer science; Computer security; Grid computing; Information security; Mathematics; National security; Resource management; Service oriented architecture; Web services

Indexed keywords

COMPUTER NETWORKS; COMPUTER RESOURCE MANAGEMENT; COMPUTER SCIENCE; DISTRIBUTED COMPUTER SYSTEMS; DISTRIBUTED PARAMETER NETWORKS; DYNAMICS; INFORMATION MANAGEMENT; INFORMATION SERVICES; MATHEMATICAL TECHNIQUES; MEMORY ARCHITECTURE; NATIONAL SECURITY; NETWORK ARCHITECTURE; NETWORK MANAGEMENT; NETWORK SECURITY; SECURITY OF DATA; SERVICE ORIENTED ARCHITECTURE (SOA); WEB SERVICES; WEBSITES;

GLOBUS TOOLKIT VERSION 2; NETWORK SERVICES; OPEN GRID SERVICES ARCHITECTURE; RESOURCE MANAGEMENT; SECURITY IMPLEMENTATIONS; SERVICE ORIENTED FRAMEWORKS; VIRTUAL ORGANIZATION; WEB SERVICES SECURITY;

GRID COMPUTING;

EID: 84942318236     PISSN: 10828907     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HPDC.2003.1210015     Document Type: Conference Paper

References (36)

1. Simple Object Access Protocol (SOAP) 1.1, W3C, 2000.
2. BEA, IBM, Microsoft and SAP. Web Services Policy Language (WS-Policy), 2002.
3. Belani, E., Vahdat, A., Anderson, T. and Dahlin, M. The CRISIS Wide Area Security Architecture. 8th Usenix UNIX Security Symposium, 1998.
4. Butler, R., Engert, D., Foster, I., Kesselman, C., Tuecke, S., Volmer, J. and Welch, V. A National-Scale Authentication Infrastructure. IEEE Computer, 33 (12). 60-66. 2000.
5. CCITT Recommendation X.509: The Directory - Authentication Framework. 1988.
6. Chadwick, D.W. and Otenko, A., The PERMIS X.509 Role Based Privilege Management Infrastructure. 7th ACM Symposium on Access Control Models and Technologies, 2002.
7. Christensen, E., Curbera, F., Meredith, G. and Weerawarana., S. Web Services Description Language (WSDL) 1.1, W3C, 2001. www.w3.org/TR/wsdl.
8. Czajkowski, K., Foster, I., Karonis, N., Kesselman, C., Martin, S., Smith, W. and Tuecke, S. A Resource Management Architecture for Metacomputing Systems. 4th Workshop on Job Scheduling Strategies for Parallel Processing, Springer-Verlag, 1998, 62-82.
9. Czajkowski, K., Foster, I., Kesselman, C., Sander, V. and Tuecke, S., SNAP: A Protocol for Negotiating Service Level Agreements and Coordinating Resource Management in Distributed Systems. 8th Workshop on Job Scheduling Strategies for Parallel Processing, 2002.
10. Dierks, T. and Allen, C. The TLS Protocol Version 1.0, IETF, 1999. http://www.ietf.org/rfc/rfc2246.txt.
11. Ford, W., Hallam-Bakerp, P., Fox, B., Dillaway, B., LaMacchia, B., Epstein, J. and Lapp, J. XML Key Management Specification, 2001. http://www.w3.org/TR/2001.
12. Foster, I. and Kesselman, C. Computational Grids. Foster, I. and Kesselman, C. eds. The Grid: Blueprint for a New Computing Infrastructure, Morgan Kaufmann, 1999, 2-48.
13. Foster, I. and Kesselman, C. Globus: A Toolkit-Based Grid Architecture. Foster, I. and Kesselman, C. eds. The Grid: Blueprint for a New Computing Infrastructure, Morgan Kaufmann, 1999, 259-278.
14. Foster, I., Kesselman, C., Nick, J. and Tuecke, S. The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration, Globus Project, 2002. http://www.globus.org/research/papers/ogsa.pdf.
15. Foster, I., Kesselman, C., Tsudik, G. and Tuecke, S. A Security Architecture for Computational Grids. ACM Conference on Computers and Security, 1998, 83-91.
16. Foster, I., Kesselman, C. and Tuecke, S. The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International Journal of High Performance Computing Applications, 15 (3). 200-222. 2001.
17. Gasser, M. and McDermott, E., An Architecture for Practical Delegation in a Distributed System. Proc. 1990 IEEE Symposium on Research in Security and Privacy, 1990, IEEE Press, 20-30.
18. Graham, S., Simeonov, S., Boubez, T., Daniels, G., Davis, D., Nakamura, Y. and Neyama, R. Building Web Services with Java: Making Sense of XML, SOAP, WSDL, and UDDI. Sams, 2001.
19. Humphrey, M., Knabe, F., Ferrari, A. and Grimshaw, A., Accountability and Control of Process Creation in Metasystems. 2000 Network and Distributed System Security Symposium, 2000.
20. IBM, Microsoft, RSA Security and VeriSign. Web Services Secure Conversation Language (WS-SecureConversation) Version 1.0, 2002.
21. IBM, Microsoft, RSA Security and VeriSign. Web Services Trust Language (WS-Trust), 2002.
22. IBM, Microsoft and VeriSign. Web Services Security Language (WS-Security), 2002.
23. Linn, J. Generic Security Service Application Program Interface, Version 2. INTERNET RFC 2078, 1997.
24. Myers, J. Simple Authentication and Security Layer (SASL), IETF, 1997.
25. Neuman, B. C. and Ts'o, T. Kerberos: An Authentication Service for Computer Networks. IEEE Communications Magazine, 32 (9). 33-88. 1994.
26. Pearlman, L., Welch, V., Foster, I., Kesselman, C. and Tuecke, S., A Community Authorization Service for Group Collaboration. IEEE 3rd International Workshop on Policies for Distributed Systems and Networks, 2002.
27. Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K. and Essiari, A., Certificate-based Access Control for Widely Distributed Resources. 8th Usenix Security Symposium, 1999.
28. Tuecke, S., Engert, D., Foster, I., Thompson, M., Pearlman, L. and Kesselman, C. Internet X.509 Public Key Infrastructure Proxy Certificate Profile, IETF, 2001.
29. Kornievskaia, O., Honeyman, P., Doster, B., and Coffman, K., Kerberized Credential Translation: A Solution to Web Access Control. 10th Usenix Security Symposium, 2001.
30. OpenSSH, http://www.openssh.com , 2003.
31. Siebenlist, F., et al, OGSA Security Roadmap, 2002. http://www.globus.org/ogsa/Security/ogsa-sec-roadmapv13.pdf
32. Security Assertion Markup Language (SAML) 1.0 Specification, OASIS, November 2002. http://www.oasisopen.org/committees/security/
33. eXtensible Access Control Markup Language (XACML) 1.0 Specification, OASIS, February 2003. http://www.oasisopen.org/committees/xacml/
34. XML Signature Syntax and Processing, OASIS, February 2002. http://www.w3.org/TR/xmldsig-core/
35. XML Encryption Syntax and Processing, OASIS, December 2002. http://www.w3.org/TR/xmlenc-core/
36. The Globus Toolkit 3.0 Alpha Release, 2003 http://www.globus.org/ogsa/releases/alpha/index.html