Skip to main content
SpringerLink
Log in

VO-Sec: An Access Control Framework for Dynamic Virtual Organization

  • Conference paper
Information Security and Privacy (ACISP 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3574))

Included in the following conference series:

Abstract

In this paper we analyze the access control requirements of the dynamic virtual organization in grid environment and define an absolutely decentralized access control mechanism for the dynamic coalition characteristic of virtual organization. The access control framework in the paper combines the threshold BLS signature schema and the role based access control mechanism to provide a flexible and decentralized mechanism for the VO-based grid applications.

This paper is supported by ChinaGrid project funded by Ministry of Education of China and National Science Foundation under grant 90412010.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, USA, pp. 83–92 (1998)

    Google Scholar 

  2. Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International Journal of High Performance Computing Applications 15(3), 200–222 (2001)

    Article  Google Scholar 

  3. Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community Authorization Service for Group Collaboration. In: Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks, Monterey, CA (2002)

    Google Scholar 

  4. Alfieri, R., Cecchini, R., Ciaschini, V., dell’Agnello, L., Frohner, A., Gianoli, A., Lörentey, K., Spataro, F.: VOMS, an Authorization System for Virtual Organizations, DataGrid Project (2003), http://grid-auth.infn.it/docs/VOMS-Santiago.pdf

  5. Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based Access Control for Widely Distributed Resources. In: Proceedings of the Eighth Usenix Security Symposium (August 1999)

    Google Scholar 

  6. Chadwick, D., Otenko, A.: The Permis X.509 Role Based Privilege Management Infrastructure. In: Proceedings of SACMAT 2002 Conference, pp. 135–140. ACM Press, New York (2002)

    Google Scholar 

  7. http://dsd.lbl.gov/akenti/codeDist/GRAMAkentiAuthz.html

  8. Chadwick, D.W.: An Authorization Interface for the GRID. In: Presented at the E-Science All Hands Meeting 2003, Nottingham, September 2-4 (2003)

    Google Scholar 

  9. Khurana, H., Gligor, V.D., Linn, J.: Reasoning about Joint Administration of Access Policies for Coalition Resources. In: Proceedings of ICDCS 2002, Vienna, pp. 429–443 (2002)

    Google Scholar 

  10. Byrd, T., Gong, F., Sargor, C., Smith, T.J.: Yalta: A secure collaborative space for dynamic coalitions. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, IEEE, United States Military Academy, West Point (2001)

    Google Scholar 

  11. Smith, T.J., Ramakrishnan, L.: Joint Policy Management and Auditing in Virtual Organizations. In: Proceedings of 4th International Workshop on Grid Computing, Phoenix, Arizona (2003)

    Google Scholar 

  12. Nita-Rotaru, C., Li, N.: A framework for Role-Based Access Control in Group Communication Systems. In: Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, San Francisco, CA (2004)

    Google Scholar 

  13. Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  14. Boldyreva, A.: Efficient threshold signatures, multisignatures and blind signatures based on the Gap-Diffie-Hellman-Group Signature Scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31–46. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  15. Saxena, N., Tsudik, G., Yi, J.H.: Access Control in Ad Hoc Groups. In: Proceedings of International Workshop on Hot Topics in Peer-to-Peer Systems, Volendam, Netherlands, (2004)

    Google Scholar 

  16. Kim, Y., Mazzocchi, D., Tsudik, G.: Admission Control in Peer Groups. In: Proceedings of IEEE International Symposium on Network Computing and Applications, NCA (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cluster and Grid Computing Lab, Huazhong University of Science and Technology, Wuhan, 430074, China

    Hai Jin, Weizhong Qiang, Xuanhua Shi & Deqing Zou

Authors
  1. Hai Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhong Qiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xuanhua Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Deqing Zou
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Security Institute, Queensland University of Technology, GPO Box 2434, Qld 4001, Brisbane, Australia

    Colin Boyd

  2. Information Security Institute, Queensland University of Technology, GPO Box 2434, QLD 4001, Brisbane, Australia

    Juan Manuel González Nieto

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jin, H., Qiang, W., Shi, X., Zou, D. (2005). VO-Sec: An Access Control Framework for Dynamic Virtual Organization. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_31

Download citation

  • DOI: https://doi.org/10.1007/11506157_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26547-4

  • Online ISBN: 978-3-540-31684-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation