Dynamic security context management in Grid-based applications

Yuri Demchenko, Olle Mulmo, Leon Gommans, Cees de Laat, Alfred Wan
2008 Future generations computer systems  
This paper summarises ongoing research and recent results on the development of flexible access control infrastructure for complex resource provisioning in Grid-based collaborative applications and on-demand network services provisioning. The paper analyses the general access control model for Grid based applications and discusses what mechanisms can be used for expressing and handling dynamic domain or process/workflow related security context. Suggestions are given what specific functionality
more » ... should be added to the Grid-oriented authorization frameworks to handle such dynamic security context. As an example, the paper explains how such functionality can be achieved in the GAAA Authorization framework (GAAA-AuthZ) and GAAA toolkit. Additionally, the paper describes AuthZ ticket format for extended AuthZ session management. The paper is based on experiences gained from major Grid based and Grid oriented projects such as EGEE, Phosphorus, NextGRID, and GigaPort Research on Network.
doi:10.1016/j.future.2007.07.015 fatcat:yurqfddjbvgyhg6k4igggwqwta