Abstract
Current Grid Security Infrastructure (GSI) using Single Sign On (SSO) mechanism based on Public Key Infrastructure (PKI) allows resource consumer to access resources securely and widely. There is no mechanism to access resource differentially in Grid environment currently. Furthermore, Open Grid Service Infrastructure (OGSI) in Global Grid Forum (GGF) extends use of Grid system or services up to business area using Web service technology. Therefore differential resource (or service) access from remote users is necessary operation to resource holders to share their resources securely. This paper presents a novel security approach on GSI to share resources differentially on the private policy using Security Assertion Markup Language (SAML) and eXtensible Access Control Markup Language (XACML) by adding scripts for resource broker (or controller). This scheme offers much flexible and effective mechanism on the recent Grid service environments.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Globus, http://www.globus.org
The PKI page, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
X.509 Certificates and Certificate Revocation Lists (CRLs), http://java.sun.com/products/jdk/1.2/docs/guide/security/cert3.html
OpenSSL, http://www.openssl.org/
Butler, R., Engert, D., Foster, I., Kesselman, C., Tuecke, S., Volmer, J., Welch, V.: A National-Scale Authentication Infrastructure. IEEE Computer 33(12), 60–66 (2000)
Foster, Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Proc. 5th ACM Conference on Computer and Communications Security Conference, pp. 83–92 (1998)
Global Grid Forum, http://www.globalgridforum.org
Assertions and Protocol for the OASIS Security Assertion Mark up Language (SAML), OASIS Standard (November 5, 2002)
A Brief Introduction to XACML, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
XML Key Management Specification (XKMS) Ver 2.0. W3C Working Draft (April 18, 2003)
Hallam-Banker, P.: W3C XKMS workshop position paper. In: Proceedings of XKMS Workshop, Redwood City, CA, July 19 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Huh, EN. (2004). A New Architecture Design for Differentiated Resource Sharing on Grid Service. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_46
Download citation
DOI: https://doi.org/10.1007/978-3-540-24707-4_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22054-1
Online ISBN: 978-3-540-24707-4
eBook Packages: Springer Book Archive