Skip to main content
SpringerLink
Log in
Book cover

International Conference on Grid and Pervasive Computing

GPC 2009: Advances in Grid and Pervasive Computing pp 57–68Cite as

An Account Policy Model for Grid Environments

  • Conference paper

  • 557 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 5529))

Abstract

To manage jobs in multi-institutional grid environments, an automation tool needs to know not only the characteristics of resources, but also whether a job’s credentials will be mapped to accounts on them. Credentials may be mapped to an existing dedicated or shared account on a resource, or a new account may be created. Existing information models provide little account policy information, even though the development of virtual organization and account management tools means that account policies may be increasingly dynamic. Without automation tools being able to understand account policies, projects are unable to take full advantage of modern virtual organization and account management systems. Using advertised account policies, automation tools could consider whether the account creation, access, expiry, and cleanup policies of a service provider make it a good candidate for running particular jobs. Additionally, account renewals could be managed automatically using information in an expiry policy model.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Foster, I., Kesselman, C. (eds.): The grid: blueprint for a new computing infrastructure. Morgan Kaufmann Publishers Inc., San Francisco (1999)

    Google Scholar 

  2. Distributed Management Task Force, Inc. CIM Schema version 2.20 (November 2008), http://www.dmtf.org/standards/cim

  3. Andreozzi, S. (ed.): GLUE specification v2.0 (revision 4 after public comment) (February 2009), http://forge.ggf.org/sf/projects/glue-wg

  4. Baker, R., Yu, D., Wlodek, T.: A model for grid user management. In: Computing in High Energy and Nuclear Physics (2003)

    Google Scholar 

  5. Welch, V., Barton, T., Keahey, K., Siebenlist, F.: Attributes, anonymity, and access: Shibboleth and globus integration to facilitate grid collaboration. In: 4th Annual PKI R&D Workshop (2005)

    Google Scholar 

  6. Hacker, T.J., Athey, B.D.: A methodology for account management in grid computing environments. In: Proceedings of the 2nd International Workshop on Grid Computing, pp. 133–144 (2001)

    Google Scholar 

  7. Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A security architecture for computational grids. In: Proceedings of the 5th ACM Conference on Computer and Communications Security, pp. 83–92 (1998)

    Google Scholar 

  8. gridmapdir (2002), http://www.gridsite.org/gridmapdir/

  9. Alfieri, R., Cecchini, R., Ciaschini, V., dell’Agnello, L., Frohner, A., Lorentey, K., Spataro, F.: From gridmap-file to VOMS: Managing authorization in a grid environment. Future Generation Computer Systems 21(4), 549–558 (2005)

    Article  Google Scholar 

  10. Scavo, T., Cantor, S.: Shibboleth architecture technical overview (June 2005), http://shibboleth.internet2.edu/docs/draft-mace-shibboleth-tech-overview-latest.pdf

  11. Gietz, P., Grimm, C., Groper, R., Haase, M., Makedanz, S., Pfeiffenberger, H., Schiffers, M.: IVOM work package 1: Evaluation of international Shibboleth-based VO management projects (v 1.2) (June 2007), http://www.d-grid.de/

  12. Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A community authorization service for group collaboration. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks, pp. 50–59 (2002)

    Google Scholar 

  13. Lorch, M., Adams, D.B., Kafura, D., Koneni, M.S.R., Rathi, A., Shah, S.: The PRIMA system for privilege management, authorization and enforcement in grid environments. In: Proceedings of the 4th International Workshop on Grid Computing, pp. 109–116 (2003)

    Google Scholar 

  14. Thompson, M., Essiari, A., Keahey, K., Welch, V., Lang, S., Liu, B.: Fine-Grained Authorization for Job and Resource Management Using Akenti and the Globus Toolkit. ArXiv Computer Science e-prints (June 2003)

    Google Scholar 

  15. Chadwick, D., Otenko, A.: The PERMIS X.509 role based privilege management infrastructure. Future Generation Computer Systems 19(23), 277–289 (2003)

    Article  Google Scholar 

  16. Cantor, S., Kemp, J., Philpott, R., Maler, E. (eds.): Assertions and protocols for the oasis security assertion markup language. OASIS Standard (March 2005)

    Google Scholar 

  17. Moses, T. (ed.): eXtensible Access Control Markup Language (XACML) Version 2.0. OASIS Standard (2005)

    Google Scholar 

  18. Nordic Testbed for Wide Area Computing and Data Handling. Nordugrid information system (September 2002), http://www.nordugrid.org/documents/ng-infosys.pdf

  19. Hitachi Ltd. NAREGI Resource Description Schema Specification and Relational Data Model (2007), http://forge.ogf.org/sf/docman/do/downloadDocument/projects.glue-wg/docman.root.background.specifications/doc14300

  20. Kiddle, C., Kivi, D., Simmonds, R.: Model-driven automation in grid environments. In: Proceedings of the 4th International Symposium on Frontiers in Networking with Applications (2008)

    Google Scholar 

  21. Enterprise Grid Alliance. Reference Model and Use Cases v1.5 (2006), http://www.ogf.org/gf/docs/egadocs.php

  22. Aikema, D.: VO-centric account management. M.Sc. thesis, University of Calgary (2007)

    Google Scholar 

  23. Aikema, D.: A model of account access control and lifecycle management. Technical Report 2007-885-37, Department of Computer Science, University of Calgary (December 2007)

    Google Scholar 

  24. Novotny, J., Tuecke, S., Welch, V.: An online credential repository for the grid: MyProxy. In: Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing, pp. 104–111 (2001)

    Google Scholar 

  25. Srinivasan, L., Banks, T.: Web Services Resource Lifetime 1.2 (WS-ResourceLifetime) (January 2006), http://docs.oasis-open.org/wsrf/wsrf-ws_resource_lifetime-1.2-spec-os.pdf

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Calgary, 2500 University Drive NW, Calgary, AB, Canada

    David Aikema, Cameron Kiddle & Rob Simmonds

Authors
  1. David Aikema
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Cameron Kiddle
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rob Simmonds
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Applied Sicences, Western Switzerland (HES-SO), Rue Prairie 4, 1202, Geneva, Switzerland

    Nabil Abdennadher

  2. Computer Science Department, West University of Timisoara, Timisoara, Romania

    Dana Petcu

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Aikema, D., Kiddle, C., Simmonds, R. (2009). An Account Policy Model for Grid Environments. In: Abdennadher, N., Petcu, D. (eds) Advances in Grid and Pervasive Computing. GPC 2009. Lecture Notes in Computer Science, vol 5529. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01671-4_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-01671-4_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01670-7

  • Online ISBN: 978-3-642-01671-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation