Fine-Grained Authorization for Job and Resource Management Using Akenti and the Globus Toolkit
نویسندگان
چکیده
As the Grid paradigm is adopted as a standard way of sharing remote resources across organizational domains, the need for finegrained access control to these resources increases. This paper presents an authorization solution for job submission and control, developed as part of the National Fusion Collaboratory, that uses the Globus Toolkit 2 and the Akenti authorization service in order to perform fine-grained authorization of job and resource management requests in a Grid environment. At job startup, it allows the system to evaluate a user’s Resource Specification Language request against authorization policies on resource usage (determining how many CPUs or memory a user can use on a given resource or which executables the user can run). Furthermore, based on authorization policies, it allows other virtual organization members to manage the user’s job.
منابع مشابه
Fine-Grained Authorization for Job Execution in the Grid: Design and Implementation
In this paper we describe our work on enabling fine-grained authorization for resource usage and management. We address the need of virtual organizations to enforce their own polices in addition to those of the resource owners, in regard to both resource consumption and job management. To implement this design, we propose changes and extensions to the Globus Toolkit’s version 2 resource managem...
متن کاملDynamic and Fine-Grained Authentication and Authorization Architecture for Grid Computing
The Globus Toolkit makes it very easy and comfortable for grid users to develop and deploy grid service. As for the security mechanism, however, only static authentication and coarse-grained authorization mechanism is provided in current Globus Toolkit. In this paper we address the limitations of current security mechanism in the Globus Toolkit and propose a new architecture which provides fine...
متن کاملUsing SAML-Based VOMS for Authorization within Web Services-Based UNICORE Grids
In recent years, the Virtual Organization Membership Service (VOMS) emerged within Grid infrastructures providing dynamic, fine-grained, access control needed to enable resource sharing across Virtual Organization (VOs). VOMS allows to manage authorization information in a VO scope to enforce agreements established between VOs and resource owners. VOMS is used for authorization in the EGEE and ...
متن کاملFine-Grain Authorization Policies in the GRID: Design and Implementation
In this paper we describe our work on enabling fine-grain authorization for resource usage and management. We address the need of Virtual Organizations (VOs) to enforce their own polices in addition to those of the resource owners, both in regard to resource consumption and job management. To implement this design we propose changes and extensions to the Globus Toolkit’s version 2 (GT2) resourc...
متن کاملXML Based X.509 Authorization in CERNET Grid
This paper presents an authorization solution for resource management and control developing as a part of the China Education and Research Network (CERNET) to perform fine-grained authorization of job and resource management requested in the Grid environment which meets the Fusion-Grid’s security needs in large scale networks such as CERNET. It integrates the GT2 job manager and X.509 authoriza...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره cs.DC/0306070 شماره
صفحات -
تاریخ انتشار 2003