Sygn: A certificate based access control in Grid environments
نویسنده
چکیده
In this paper we study the problem of Grid access control in environments with high confidentiality requirements and a large number of users. We propose a novel access control mechanism, Sygn, that implements decentralized permission storage and management. All permissions in Sygn are encoded in certificates, which are stored by their owners and used when required. Sygn allows for decentralized administration of dynamically changing resources and permissions. Sygn also supports role based access control. Prmissions can be created on demand without the need to contact a central permission storage system. The Sygn access control servers store only minimal security critical information to minimize the impact of a successful attack. Sygn has been successfully integrated in a lightweight grid middleware.
منابع مشابه
Authentication and autorisation prototype on the microgrid for medical data management
This paper presents μgrid, a light weight middleware for grid applications, and focuses mainly on security issues -more specifically on the access control to resources that are critical for the gridification of many medical applications. For this purpose, we use Sygn as a distributed, certificate based, and flexible access control mechanism, which has been fully integrated in μgrid. We discuss ...
متن کاملAuthentication and Authorisation Prototype on the μgrid for Medical Data Management
This paper presents mu grid, a light weight middleware for grid applications, and focuses mainly on security issues--more specifically on the access control to resources--that are critical for the gridification of many medical applications. For this purpose, we use Sygn as a distributed, certificate based, and flexible access control mechanism, which has been fully integrated in mu grid. We dis...
متن کاملAn Efficient Data Replication Strategy in Large-Scale Data Grid Environments Based on Availability and Popularity
The data grid technology, which uses the scale of the Internet to solve storage limitation for the huge amount of data, has become one of the hot research topics. Recently, data replication strategies have been widely employed in distributed environment to copy frequently accessed data in suitable sites. The primary purposes are shortening distance of file transmission and achieving files from ...
متن کاملA Workflow Engine-Driven SOA-Based Cooperative Computing Paradigm in Grid Environments
Grid has been proposed to be a promising service-oriented platform for increasingly complex cooperative computing. The platforms of service-oriented Grids are often web-based where participants collaborate to achieve a common goal by sharing scarce Web-Based Computational/Computing Resources (WBCR). To effectively share the WBCR is a challenging problem in boundary-spanning grid environments, p...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کامل