A Guanxi Shibboleth based Security Infrastructure

An e-Social Science infrastructure generally has security requirements to protect their restricted resources or services. As a widely accepted authentication and authorization technology, Shibboleth supports the sharing of resources on inter-institutional federation. Guanxi is an open source implementation of the Shibboleth protocol and architecture. In this paper, we propose a security infrastructure for e-social science based on the Guanxi Shibboleth. This security infrastructure presents two main features. Firstly, Guanxi Shibboleth is integrated into the user-friendly Sakai collaborative and learning environment which provides an ideal place for users to access a variety of federation resources in line with the Shibboleth authentication model. Secondly, PERMIS technology is used to enhance the authorization mechanisms thus enabling a policy-driven, role-based, fine-grained access control. As a result, the security infrastructure presents the advantages of Guanxi Shibboleth, PERMIS and Sakai, and it has been applied to e-Social Science application. We believe this security infrastructure provides a promising authentication and authorization solution for e-social science applications as well as applications in other domains.