Abstract
Web Services and the Grid allow distributed research teams to form dynamic, multi-institutional virtual organizations sharing high performance computing resources, large scale data sets and instruments for solving computationally intensive scientific applications, thereby forming Virtual Laboratories. This paper aims at exploring security issues of such distributed scientific laboratories and tries to extend security mechanisms by defining a general approach in which a security policy is used both to provide and regulate access to scientific services. In particular, we consider how security policies specified in XACML and WS-Policy can support the requirements of secure data and resource sharing in a scientific experiment. A framework is given where security policies are stated by the different participants in the experiment, providing a Policy Management system. A prototype implementation of the proposed framework is presented.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Amigoni F., Fugini M.G., Liberati D., ”Design and Execution of Distributed Experiments”, Proc. 9th International Conference on Enterprise Information Systems, (ICEIS’07), Madeira, June 2007
Anderson A. et. al., XACML 1.0 Specification, http://www.oasis-open.org/committees/tc home.php?wg abbrev=xacml, 2003
Atkinson B. et al., Web Services Security (WS-Security), 2002, Version 1.0 April 5, 2002, http://www.verisign.com/wss/wss.pdf
Bartel M., Boyer J., Fox B., LaMacchia B. and Simon, XML Signatures, http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/E
Bosin A., Dess N., Fugini M.G., Liberati D., Pes B., ”Supporting Distributed Experiments in Cooperative Environments”, in Business Process Management, Springer-Verlag Bussler C., Haller A. (Eds.), vol. 25, 2006, pp. 281 - 292
Camarinha-Matos L.M., Silveri I., Afsarmanesh H., and Oliveira A.I., ”Towards a Framework for Creation of Dynamic Virtual Organizations”, in Collaborative Networks and Their Breeding Environments, Springer, Boston Volume 186/2005, 2005, pp. 69-80
Casati F., Castano S., Fugini M.G., ”ManagingWorkflow Authorization Constraints Through Active Database Technology”, Journal of Information Systems Frontiers, Special Issue on Workflow Automation and Business Process Integration, 2002
Damiani E., De Capitani di Vimercati S., Paraboschi S., Samarati P., ”Fine Grained Access Control for SOAP E-Services”, in Proc. of the Tenth International World Wide Web Conference, Hong Kong, China, May 1-5, 2001.
Della-Libera G. et al., Web Services Trust Language (WS-Trust), available at http://www.ibm.com/developerworks/library/ws-trust/index.html
Della-Libera G., et al, ”Web Services Security Policy Language (WS-SecurityPolicy,” July 2005. (See http://www.oasis-en.org/committees/download.php/16569/)
Foster, I. 2006. ”Service-Oriented Science: Scaling e-Science Impact”, Proceedings of the 2006 IEEE/WIC/ACM International Conference on Web intelligence, 2006
Hallam-Baker P., Hodges J., Maler E., McLaren C., Irving R., SAML 1.0 Specification, http://www.oasis-open.org/committees/tc home.php?wg abbrev=security, 2003
IETF Policy Framework Working Group, A framework for policy-based admission control, available at http://www.ietf.org/rfc/rfc2753.txt, 2003
ImamuraT., Dillaway B., Simon E., XML Encryption, http://www.w3.org/TR/xmlenc-core/
Jiang H., Lu S., ”Access Control for Workflow Environment: The RTFW Model”, in Computer Supported CooperativeWork in Design III, LNCS Springer Berlin / Heidelberg, Volume 4402/2007, 2007, pp. 619-626
Kim K.H., Buyya R., ”Policy-based Resource Allocation in Hierarchical Virtual Organizations for Global Grids”, 18th International Symposium on Computer Architecture and High Performance Computing (SBAC-PAD’06), 2006, pp. 36-46
Lang B., Foster I., Siebenlist F., Ananthakrishnan R., Freeman T., ”A Multipolicy Authorization Framework for Grid Security,” Fifth IEEE International Symposium on Network Computing and Applications (NCA’06), 2006, pp. 269-272
Mohammad A.,Chen A.,Wang G. W., Changzhou C., Santiago R., ”A Multi-Layer Security Enabled Quality of Service (QoS) Management Architecture”, in Enterprise Distributed Object Computing Conference, 2007 (EDOC 2007) Oct. 2007, pp.423-423
Nadalin A., C. Kaler, P. Hallam-Baker, R. Monzillo (Eds.) Web Services Security, available at http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf
Welch V., Siebenlist F., Foster I., Bresnahan J., Czajkowski K., Gawor J., Kesselman C., Meder S., Pearlman L., Tuecke S., ”Security for Grid Services”, Proc. 12th IEEE International Symposium on High Performance Distributed Computing, 22-24 June 2003, pp. 48- 57
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Dessí, N., Fugini, M.G., Balachandar, R.A. (2008). Policies and Security Aspects For Distributed Scientific Laboratories. In: Jajodia, S., Samarati, P., Cimato, S. (eds) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. SEC 2008. IFIP – The International Federation for Information Processing, vol 278. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09699-5_15
Download citation
DOI: https://doi.org/10.1007/978-0-387-09699-5_15
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09698-8
Online ISBN: 978-0-387-09699-5
eBook Packages: Computer ScienceComputer Science (R0)