Enhanced CAS Certificate for Metadata-Based Access Control in Grids

Author

Park, Sang M. ; Chung, Soon M.

Author_Institution

Dept. of Comput. Sci. & Eng., Wright State Univ., Dayton, OH

Volume

2

fYear

2008

fDate

3-5 Nov. 2008

Firstpage

323

Lastpage

329

Abstract

This paper presents an enhanced design of the community authorization service (CAS) which supports centralized, fine-grain access control by managing the memberships, service types, resource objects and security policies of a virtual organization (VO). The current CAS provides fundamental solutions regarding user privacy, authentication and authorization, but it has some limitations due to its centralized management of the security policies of a VO, in terms of scalability, flexibility and interoperability. We enhanced the CAS to support diverse security requirements within a dynamic grid computing environment by enabling the CAS server to publish a proxy certificate embedding additional attributes of users. It allows the service providers to support customized services by analyzing the attributes of users and security policies.

Keywords

authorisation; data privacy; grid computing; open systems; CAS certificate; dynamic grid computing environment; metadata-based access control; proxy certificate; security policies; user privacy; virtual organization; Access control; Authentication; Authorization; Content addressable storage; Data security; Databases; Grid computing; Information security; Resource management; Scalability; Community Authorization Service (CAS); virtual organization;

fLanguage

English

Publisher

ieee

Conference_Titel

Tools with Artificial Intelligence, 2008. ICTAI '08. 20th IEEE International Conference on

Conference_Location

Dayton, OH

ISSN

1082-3409

Print_ISBN

978-0-7695-3440-4

Type

conf

DOI

10.1109/ICTAI.2008.157

Filename

4669792