Advertisement

VO-Sec: An Access Control Framework for Dynamic Virtual Organization

  • Hai Jin
  • Weizhong Qiang
  • Xuanhua Shi
  • Deqing Zou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3574)

Abstract

In this paper we analyze the access control requirements of the dynamic virtual organization in grid environment and define an absolutely decentralized access control mechanism for the dynamic coalition characteristic of virtual organization. The access control framework in the paper combines the threshold BLS signature schema and the role based access control mechanism to provide a flexible and decentralized mechanism for the VO-based grid applications.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, USA, pp. 83–92 (1998)Google Scholar
  2. 2.
    Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International Journal of High Performance Computing Applications 15(3), 200–222 (2001)CrossRefGoogle Scholar
  3. 3.
    Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community Authorization Service for Group Collaboration. In: Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks, Monterey, CA (2002)Google Scholar
  4. 4.
    Alfieri, R., Cecchini, R., Ciaschini, V., dell’Agnello, L., Frohner, A., Gianoli, A., Lörentey, K., Spataro, F.: VOMS, an Authorization System for Virtual Organizations, DataGrid Project (2003), http://grid-auth.infn.it/docs/VOMS-Santiago.pdf
  5. 5.
    Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based Access Control for Widely Distributed Resources. In: Proceedings of the Eighth Usenix Security Symposium (August 1999)Google Scholar
  6. 6.
    Chadwick, D., Otenko, A.: The Permis X.509 Role Based Privilege Management Infrastructure. In: Proceedings of SACMAT 2002 Conference, pp. 135–140. ACM Press, New York (2002)Google Scholar
  7. 7.
  8. 8.
    Chadwick, D.W.: An Authorization Interface for the GRID. In: Presented at the E-Science All Hands Meeting 2003, Nottingham, September 2-4 (2003)Google Scholar
  9. 9.
    Khurana, H., Gligor, V.D., Linn, J.: Reasoning about Joint Administration of Access Policies for Coalition Resources. In: Proceedings of ICDCS 2002, Vienna, pp. 429–443 (2002)Google Scholar
  10. 10.
    Byrd, T., Gong, F., Sargor, C., Smith, T.J.: Yalta: A secure collaborative space for dynamic coalitions. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, IEEE, United States Military Academy, West Point (2001)Google Scholar
  11. 11.
    Smith, T.J., Ramakrishnan, L.: Joint Policy Management and Auditing in Virtual Organizations. In: Proceedings of 4th International Workshop on Grid Computing, Phoenix, Arizona (2003)Google Scholar
  12. 12.
    Nita-Rotaru, C., Li, N.: A framework for Role-Based Access Control in Group Communication Systems. In: Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, San Francisco, CA (2004)Google Scholar
  13. 13.
    Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Boldyreva, A.: Efficient threshold signatures, multisignatures and blind signatures based on the Gap-Diffie-Hellman-Group Signature Scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31–46. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Saxena, N., Tsudik, G., Yi, J.H.: Access Control in Ad Hoc Groups. In: Proceedings of International Workshop on Hot Topics in Peer-to-Peer Systems, Volendam, Netherlands, (2004)Google Scholar
  16. 16.
    Kim, Y., Mazzocchi, D., Tsudik, G.: Admission Control in Peer Groups. In: Proceedings of IEEE International Symposium on Network Computing and Applications, NCA (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Hai Jin
    • 1
  • Weizhong Qiang
    • 1
  • Xuanhua Shi
    • 1
  • Deqing Zou
    • 1
  1. 1.Cluster and Grid Computing LabHuazhong University of Science and TechnologyWuhanChina

Personalised recommendations