Title :
Cross-Domain Grid Authentication and Authorization Scheme Based on Trust Management and Delegation
Author :
Shen, Sunan ; Tang, Shaohua
Author_Institution :
Sch. of Comput. Sci. & Eng., South China Univ. of Technol., Guangzhou, China
Abstract :
As grid¿s dynamic, distributed and open nature, the issue of mutual trust among grid entities is challenging, not only because of the entities in different domains, but also because the fact that those domains may deploy different security mechanisms. A federal authentication and authorization scheme based upon trust management and delegation is proposed. Different security domains can join in the federation through the interface that our approach provides. The establishment of trust relationship among domains is based on trust negotiation and PKI cross-certification. We make authorization relay on dynamic role translation and on delegation. The Security Assertion Markup Language (SAML) is adopted by exploiting its AttributeStatement to create Delegation Assertion for grid.
Keywords :
authorisation; grid computing; message authentication; public key cryptography; AttributeStatement; Security Assertion Markup Language; authorization; authorization scheme; cross-domain grid authentication; delegation assertion; mutual trust; security mechanisms; trust delegation; trust management; Authentication; Authorization; Computational intelligence; Computer science; Computer security; Conference management; Engineering management; Information security; Markup languages; Technology management; SAML; cross-domain; delegation; dynamic role translation; grid; trust management;
Conference_Titel :
Computational Intelligence and Security, 2008. CIS '08. International Conference on
Conference_Location :
Suzhou
Print_ISBN :
978-0-7695-3508-1
DOI :
10.1109/CIS.2008.185
