Computing and Information Systems - Research Publications

  • Item
    Dynamic privilege management infrastructures utilising secure attribute exchange
    Watt, J. ; Sinnott, R. O. ; Stell, A. J. (Engineering and Physical Sciences Research Council, 2005)
    Technologies which implement dynamic privilege management infrastructures will be crucial to the secure sharing of resources on the Grid, especially as the number of resources and participating sites increases. The DyVOSE project has successfully deployed Grid services secured with the PERMIS authorisation software implementing a static Privilege Management Infrastructure (PMI) model. The second stage of this project focuses on the extension of the current PERMIS infrastructure to include dynamic delegation of authority and cross-certification of institutional security policies. This paper describes the existing static PMI that has been used within the Grid Computing module as part of the advanced MSc at Glasgow University. We also outline an e-Science education use case that will be used to highlight how dynamic PMIs can be established using an extended version of PERMIS and utilising the Internet2 Shibboleth software to transfer user attributes and authentication tokens across institutional boundaries. This work addresses one of the key challenges in the Grid, supporting the dynamic establishment of secure Virtual Organisations (VOs).
  • Item
    Comparison of advanced authorisation infrastructures for grid computing
    Stell, A. J. ; Sinnott, R. O. ; Watt, J. P. (Institute of Electrical and Electronics Engineers (IEEE), 2005)
    The widespread use of grid technology and distributed compute power, with all its inherent benefits, will only be established if the use of that technology can be guaranteed efficient and secure. The predominant method for currently enforcing security is through the use of public key infrastructures (PKI) to support authentication and the use of access control lists (ACL) to support authorisation. These systems alone do not provide enough fine-grained control over the restriction of user rights, necessary in a dynamic grid environment. This paper compares the implementation and experiences of using the current standard for grid authorisation with Globus - the grid security infrastructure (GSI) - with the role-based access control (RBAC) authorisation infrastructure PERMIS. The suitability of these security infrastructures for integration with regard to existing grid technology is presented based upon experiences within the JISC-funded DyVOSE project.