Title :
The PRIMA system for privilege management, authorization and enforcement in grid environments
Author :
Lorch, M. ; Adams, D.B. ; Kafura, Dennis ; Rathi, A. ; Shah, Shalin
Author_Institution :
Dept. of Comput. Sci., Virginia Tech., VA, USA
Abstract :
Many grid usage scenarios depend on small, dynamic working groups for which the ability to establish transient collaboration with little or no intervention from resource administrators is a key requirement. The system developed, PRIMA, focuses on the issues of management and enforcement of fine-grained privileges. Dynamic account creation and leasing as well as expressive enforcement mechanisms facilitate highly dynamic authorization policies and least privilege access to resources. PRIMA mechanisms enable the use of finegrained access rights, reduce administrative costs to resource providers, enable ad hoc and dynamic collaboration scenarios, and can also be used to provide improved security service to long-lived grid communities while leveraging other work in the grid computing and security domains.
Keywords :
authorisation; grid computing; resource allocation; PRIMA system; dynamic authorization; dynamic collaboration; enforcement mechanism; fine-grained privilege management; grid computing; least privilege access; resource providers; security service; Access control; Authorization; Collaboration; Collaborative work; Costs; Environmental management; Grid computing; Operating systems; Permission; Security;
Conference_Titel :
Grid Computing, 2003. Proceedings. Fourth International Workshop on
Print_ISBN :
0-7695-2026-X
DOI :
10.1109/GRID.2003.1261705
