DocumentCode
480570
Title
Cross-Domain Grid Authentication and Authorization Scheme Based on Trust Management and Delegation
Author
Shen, Sunan ; Tang, Shaohua
Author_Institution
Sch. of Comput. Sci. & Eng., South China Univ. of Technol., Guangzhou, China
Volume
1
fYear
2008
fDate
13-17 Dec. 2008
Firstpage
399
Lastpage
404
Abstract
As grid¿s dynamic, distributed and open nature, the issue of mutual trust among grid entities is challenging, not only because of the entities in different domains, but also because the fact that those domains may deploy different security mechanisms. A federal authentication and authorization scheme based upon trust management and delegation is proposed. Different security domains can join in the federation through the interface that our approach provides. The establishment of trust relationship among domains is based on trust negotiation and PKI cross-certification. We make authorization relay on dynamic role translation and on delegation. The Security Assertion Markup Language (SAML) is adopted by exploiting its AttributeStatement to create Delegation Assertion for grid.
Keywords
authorisation; grid computing; message authentication; public key cryptography; AttributeStatement; Security Assertion Markup Language; authorization; authorization scheme; cross-domain grid authentication; delegation assertion; mutual trust; security mechanisms; trust delegation; trust management; Authentication; Authorization; Computational intelligence; Computer science; Computer security; Conference management; Engineering management; Information security; Markup languages; Technology management; SAML; cross-domain; delegation; dynamic role translation; grid; trust management;
fLanguage
English
Publisher
ieee
Conference_Titel
Computational Intelligence and Security, 2008. CIS '08. International Conference on
Conference_Location
Suzhou
Print_ISBN
978-0-7695-3508-1
Type
conf
DOI
10.1109/CIS.2008.185
Filename
4724682
Link To Document