Title :
Architecture for a Secure Distributed Repository
Author :
Haupt, Tomasz ; Kalyanasundaram, Anand ; Zhuk, Igor
Author_Institution :
Center for Adv. Vehicular Syst., Mississippi State Univ., MS
Abstract :
This paper presents and discusses the design and implementation of authorization mechanisms for a data repository service for grid environments that supports secure sharing of possibly confidential data by members of ad-hoc created groups. Such a system requires the separation of the repository into independent components thus adding to the complexity of the authorization mechanisms that protect both the storage service against unauthorized and possible malicious use, and intellectual property and confidentiality of the user's data. The solution proposed here extends the VOMS architecture, in favor of the other architectures for efficiency. The authorization is group-based with group membership authorization service responsible for maintaining the user roles in a virtual organization (i.e., the membership in a group). The user can now securely access data in a distributed repository by collecting SAML assertions from the component services and creating a complete assertion document that allows it to retrieve data from a data service.
Keywords :
authorisation; data analysis; grid computing; information retrieval; SAML assertions; VOMS architecture; ad-hoc created groups; authorization mechanisms; data confidentiality; data repository service; grid environments; group membership authorization service; intellectual property; secure distributed repository; storage service; virtual organization; Access control; Authorization; Collaboration; Data security; Grid computing; Information retrieval; Intellectual property; Memory; Protection; Uniform resource locators;
Conference_Title :
Grid Computing, 7th IEEE/ACM International Conference on
Conference_Location :
Barcelona
Print_ISBN :
1-4244-0343-X
Electronic_ISBN :
1-4244-0344-8
DOI :
10.1109/ICGRID.2006.311016