Experiences of applying advanced grid authorisation infrastructures
AuthorSinnott, R. O.; Stell, A. J.; Chadwick, D. W.; Otenko, O.
Source TitleAdvances in grid computing – EGC 2005. Lecture Notes in Computer Science.
AffiliationComputing and Information Systems
Document TypeBook Chapter
CitationsSinnott, R. O., Stell, A. J., Chadwick, D. W., & Otenko, O. (2005). Experiences of applying advanced grid authorisation infrastructures. In P. M. A. Sloot, A. G. Hoekstra, T. Priol, A. Reinefeld, & M. Bubak (Eds.), Advances in grid computing – EGC 2005. Lecture Notes in Computer Science 3470 (pp.265-274). Berlin; Heidelberg: Springer.
Access StatusOpen Access
This is a post-print of an article whose final and definitive form has been published in Lecture Notes in Computer Science © 2005 Springer; the original publication is available at: http://www.springerlink.com
The widespread acceptance and uptake of Grid technology can only be achieved if it can be ensured that the security mechanisms needed to support Grid based collaborations are at least as strong as local security mechanisms. The predominant way in which security is currently addressed in the Grid community is through Public Key Infrastructures (PKI) to support authentication. Whilst PKIs address user identity issues, authentication does not provide fine grained control over what users are allowed to do on remote resources (authorisation). The Grid community have put forward numerous software proposals for authorisation infrastructures such as AKENTI , CAS , CARDEA , GSI , PERMIS [5,6,7] and VOMS [8,9]. It is clear that for the foreseeable future a collection of solutions will be the norm. To address this, the Global Grid Forum (GGF) have proposed a generic SAML based authorisation API which in principle should allow for fine grained control for authorised access to any Grid service. Experiences in applying and stress testing this API from a variety of different application domains are essential to give insight into the practical aspects of large scale usage of authorisation infrastructures. This paper presents experiences from the DTI funded BRIDGES project  and the JISC funded DyVOSE project  in using this API with Globus version 3.3  and the PERMIS authorisation infrastructure.
Keywordsgrid systems; grid technology
- Click on "Export Reference in RIS Format" and choose "open with... Endnote".
- Click on "Export Reference in RIS Format". Login to Refworks, go to References => Import References