Dynamic and Fine-Grained Authentication and Authorization Architecture for Grid Computing

  • Hyunjoon Jung
  • Hyuck Han
  • Hyungsoo Jung
  • Heon Y. Yeom
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3516)


The Globus Toolkit makes it very easy and comfortable for grid users to develop and deploy grid service. As for the security mechanism, however, only static authentication and coarse-grained authorization mechanism is provided in current Globus Toolkit. In this paper we address the limitations of current security mechanism in the Globus Toolkit and propose a new architecture which provides fine-grained and flexible security mechanism. To implement this without modifying existing components, we make use of the Aspect-Oriented Programming technique.


Security Policy Grid Service Authorization Part Grid User Globus Toolkit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Welchr, V., Foster, I., Kesselman, C., Mulmo, O., Pearlman, L., Tuecke, S., Gawor, J., Meder, S., Siebenlist, F.: X.509 Proxy Certificates for Dynamic Delegation. In: Annual PKI R&D workshop (April 2004)Google Scholar
  2. 2.
    Welch, V., Siebenlis, F., Foster, I., Bresnaban, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L., Tuecke, S.: Security for Grid Services. In: IEEE Symposium on High Performance and Distributed Computing (June 2003)Google Scholar
  3. 3.
    Foster, I., Kesselman, C., Tsudik, C., Tuecke, S.: A Security Architecture for Computational Grids. In: 5th ACM Conference on Computer and Communication Security (1998)Google Scholar
  4. 4.
    Security in a Web Services World: A Proposed Architecture and Roadmap, A Joint White Paper from IBM Corporation and Microsoft Corporation (April 2002)Google Scholar
  5. 5.
    Tuecke, S., Czajkowski, K., Foster, I., Frey, J., Graham, S., Kesselman, C., Maguire, T., Sandholm, T., Snelling, D., Vanderbilt, P.: Open Grid Services Infrastructure (OGSI) Version 1.0. Global Grid Forum (June 2003)Google Scholar
  6. 6.
    Nagaratnam, N., Janson, P., Dayka, J., Nadalin, A., Siebenlist, F., Welch, V., Foster, I., Tuecke, S.: The Security Architecture for Open Grid Services (July 2002)Google Scholar
  7. 7.
    Foster, I., Kesselman, C., Nick, J., Tuecke, S.: The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration. Globus Project (2002),
  8. 8.
    Gawor, J., Meder, S., Siebenlist, F., Welch, V.: GT3 Grid Security Infrastructure Overview. In: Globus Project 2003 (2003)Google Scholar
  9. 9.
    The AspectJ Team, The AspectJTM Programming Guide, Copyright (c) 1998-2001 Xerox Corporation, 2002-2003 Palo Alto Research Center, Incorporated. All rights reservedGoogle Scholar
  10. 10.
    Voelter, M.: Aspectj-Oriented Programming in Java (in the January 2000 issue of the Java Report) (2000)Google Scholar
  11. 11.
    Foster, I., Kesselman, C., Tuecke, S.: The anatomy of the grid: Enabling scalable virtual organizations. Intl. J. Supercomputer Applications (2001)Google Scholar
  12. 12.
    Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: Security Architecture for Computational Grids. In: 5th ACM Conference on Computer and Communications Security Conference, pp. 83–92 (1998)Google Scholar
  13. 13.
    Palo Alto Research Center, The AspectJ (TM) Programming Guide,
  14. 14.
    Elrad, T., Filman, R.E., Bader, A.: Aspect-oriented programming: Introduction. Communications of the ACM (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Hyunjoon Jung
    • 1
  • Hyuck Han
    • 1
  • Hyungsoo Jung
    • 1
  • Heon Y. Yeom
    • 1
  1. 1.School of Computer Science and EngineeringSeoul National UniversitySeoulSouth Korea

Personalised recommendations