Computing and Information Systems - Research Publications

Permanent URI for this collection

http://hdl.handle.net/11343/350

Filters

2007 - 2009 2
Reset filters

Settings
Statistics
Citations
Author: Sinnott, Richard × End date: 2009 × Subject: authentication ×

Search Results

Now showing 1 - 2 of 2
  • Item
    Thumbnail Image
    Federated authentication and authorisation for e-science
    Watt, J. ; Sinnott, R. O. ; Jiang, J ; Doherty, T. ; Stell, A. J. ; Martin, D. ; Stewart, G. ( 2007)
    The Grid and Web service community are defining a range of standards for a complete solution for security. The National e-Science Centre (NeSC) at the University of Glasgow is investigating how the various pre-integration components work together in a variety of e-Science projects. The EPSRC-funded nanoCMOS project aims to allow electronics designers and manufacturers to use e-Science technologies and expertise to solve problems of device variability and its impact on system design. To support the security requirements of nanoCMOS, two NeSC projects (VPMan and OMII-SP) are providing tools to allow easy configuration of security infrastructures, exploiting previous successful projects using Shibboleth and PERMIS. This paper presents the model in which these tools interoperate to provide secure and simple access to Grid resources for non-technical users.
  • Item
    Thumbnail Image
    Semantic security: specification and enforcement of semantic policies for security-driven collaborations
    Sinnott, R. O. ; Doherty, T. ; Gray, N. ; Lusted, J. (IOS Press, 2009)
    Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo).