Abstract
This article describes the new trend in authorisation decision making, using the Security Assertion Markup Language (SAML). We then present an overview of the Globus Toolkit (GT), used in Grid computing environments, and highlight its authorisation requirements. Finally, we introduce the PERMIS authorisation infrastructure and describe how it has been adapted to support SAML so that it can be deployed to make authorisation decisions for GT version 3.3.
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
Chadwick, D., Otenko, S., Welch, V. (2005). Using SAML to Link the Globus Toolkit to the Permis Authorisation Infrastructure. In: Chadwick, D., Preneel, B. (eds) Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 175. Springer, Boston, MA. https://doi.org/10.1007/0-387-24486-7_19
DOI: https://doi.org/10.1007/0-387-24486-7_19
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-24485-3
Online ISBN: 978-0-387-24486-0
eBook Packages: Computer Science, Computer Science (R0)