Abstract
In this paper we analyze the access control requirements of the dynamic virtual organization in grid environment and define an absolutely decentralized access control mechanism for the dynamic coalition characteristic of virtual organization. The access control framework in the paper combines the threshold BLS signature schema and the role based access control mechanism to provide a flexible and decentralized mechanism for the VO-based grid applications.
This paper is supported by ChinaGrid project funded by Ministry of Education of China and National Science Foundation under grant 90412010.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, USA, pp. 83–92 (1998)
Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International Journal of High Performance Computing Applications 15(3), 200–222 (2001)
Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community Authorization Service for Group Collaboration. In: Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks, Monterey, CA (2002)
Alfieri, R., Cecchini, R., Ciaschini, V., dell’Agnello, L., Frohner, A., Gianoli, A., Lörentey, K., Spataro, F.: VOMS, an Authorization System for Virtual Organizations, DataGrid Project (2003), http://grid-auth.infn.it/docs/VOMS-Santiago.pdf
Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based Access Control for Widely Distributed Resources. In: Proceedings of the Eighth Usenix Security Symposium (August 1999)
Chadwick, D., Otenko, A.: The Permis X.509 Role Based Privilege Management Infrastructure. In: Proceedings of SACMAT 2002 Conference, pp. 135–140. ACM Press, New York (2002)
Chadwick, D.W.: An Authorization Interface for the GRID. In: Presented at the E-Science All Hands Meeting 2003, Nottingham, September 2-4 (2003)
Khurana, H., Gligor, V.D., Linn, J.: Reasoning about Joint Administration of Access Policies for Coalition Resources. In: Proceedings of ICDCS 2002, Vienna, pp. 429–443 (2002)
Byrd, T., Gong, F., Sargor, C., Smith, T.J.: Yalta: A secure collaborative space for dynamic coalitions. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, IEEE, United States Military Academy, West Point (2001)
Smith, T.J., Ramakrishnan, L.: Joint Policy Management and Auditing in Virtual Organizations. In: Proceedings of 4th International Workshop on Grid Computing, Phoenix, Arizona (2003)
Nita-Rotaru, C., Li, N.: A framework for Role-Based Access Control in Group Communication Systems. In: Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, San Francisco, CA (2004)
Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Boldyreva, A.: Efficient threshold signatures, multisignatures and blind signatures based on the Gap-Diffie-Hellman-Group Signature Scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31–46. Springer, Heidelberg (2002)
Saxena, N., Tsudik, G., Yi, J.H.: Access Control in Ad Hoc Groups. In: Proceedings of International Workshop on Hot Topics in Peer-to-Peer Systems, Volendam, Netherlands, (2004)
Kim, Y., Mazzocchi, D., Tsudik, G.: Admission Control in Peer Groups. In: Proceedings of IEEE International Symposium on Network Computing and Applications, NCA (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jin, H., Qiang, W., Shi, X., Zou, D. (2005). VO-Sec: An Access Control Framework for Dynamic Virtual Organization. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_31
Download citation
DOI: https://doi.org/10.1007/11506157_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26547-4
Online ISBN: 978-3-540-31684-8
eBook Packages: Computer ScienceComputer Science (R0)