Abstract
Grid computing has emerged as a special form of distributed computing and is distinguished from conventional distributed computing by its focus on dynamic, large-scale resource sharing over a wide geographic distribution. Grid Computing System (GCS) is a distributed system infrastructure over which distributed applications with cross-organization resource sharing are operated. Grid applications are modelled by the notion of virtual organization which is generally composed of participants from different organizations driven by specific tasks. In order to control participation and access to shared resource, authorization is essential in VO. Authorization in VO is challenging because of the dynamic and distributed nature of VO. A community authorization service (CAS) was proposed recently to meet the Grid challenges and to enforce fine-grained access control policies in the VO. However, the situation is aggravated when VO is used to model business application systems such as financial systems of commercial enterprises where security and accountability are of key concerns. The emphasis on separation of duties in business applications only make things worse. This paper aims to address these authorization issues when the GCS is used to support business applications. In this paper, we introduce the use of threshold closure as a tool for enhancing the CAS in order for the Grid to better support commercial VO.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Foster, I., Kesselman, C., Tuecke, S.: The anatomy of the grid: enabling scalable virtual organizations. Int. J. Supercomputer Applications 15(3), 200–222 (2001)
Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community Authorization Service for Group Collaboration. In: Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)
Zhao, X.B., Lam, K.Y., Chung, S.L., Gu, M., Sun, J.G.: Authorization Mechanisms for Virtual Organizations in Distributed Computing Systems. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 414–426. Springer, Heidelberg (2004)
Lam, K.Y., Zhao, X.B., Chung, S.L., Gu, M., Sun, J.G.: Enhancing Grid Security Infrastructure to Support Mobile Computing Nodes. In: Chae, K.-J., Yung, M. (eds.) WISA 2003. LNCS, vol. 2908, pp. 42–54. Springer, Heidelberg (2004)
Overview of the Grid Security Infrastructure at, http://www-fp.globus.org/security/overview.html
Zhou, J.Y., Lam, K.Y.: Securing digital signatures for non-repudiation. Journal of Computer Communications 22(8), 710–716 (1999)
Nagaraj, S.V.: Access control in distributed object systems: problems with access control lists. In: Proceedings of the Tenth IEEE International Workshops, WET ICE 2001. Enabling Technologies: Infrastructure for Collaborative Enterprises (2001)
Zhang, C.R., Lam, K.Y., Jajodia, S.: Scalable threshold closure. Theoretical Computer Science 226, 185–206 (1999)
Shamir, A.: How to share a secret. Communications of the ACM 22(11), 612–613 (1979)
Benaloh, J.C., Leichter, J.: Generalized secret sharing and monotone functions. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 27–35. Springer, Heidelberg (1990)
Ito, M., Saito, A., Nishizeki, T.: Secret sharing scheme realizing general access structure. In: Globecom 1987, Tokyo, Japan, pp. 99–102 (1987)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yong, JP., Lam, KY., Chung, SL., Gu, M., Sun, JG. (2004). Enhancing the Scalability of the Community Authorization Service for Virtual Organizations. In: Chi, CH., Lam, KY. (eds) Content Computing. AWCC 2004. Lecture Notes in Computer Science, vol 3309. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30483-8_23
Download citation
DOI: https://doi.org/10.1007/978-3-540-30483-8_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23898-0
Online ISBN: 978-3-540-30483-8
eBook Packages: Springer Book Archive