{"title":"基于属性的网格计算授权","authors":"H. Khider, T. Osman, N. Sherkat","doi":"10.1109/ISMS.2010.24","DOIUrl":null,"url":null,"abstract":"the development of adequate security solutions and in particular of authorization techniques for grid computing systems is a challenging task. Traditional security trends tried to overcome this problem by using a low-level access control policy which maps a user’s identity to a local account. This approach is not scalable and is hard to manage in a distributed environment. Current trends started adopting approaches that pass attributes for authorization instead of passing user’s credentials. The problem still hasn’t been solved completely primarily because it uses PKI (Public Key Infrastructure) user certificate for authorization, and the main problem with this approach is the inflexibility of the PKI infrastructure when it comes to open distributed systems (Grid). Additionally implementations of attribute-based authorization have largely adopted the XML based SAML (Security Assertion Markup Language) and XACML (eXtensible Access Control Markup Language) standards for authentication and authorization. The author investigates an approach that uses XACML for Authorizations and utilizes a proxy for the attribute authorityto allow for the distribution of attribute requests to numerous attribute authorities to whom the user is subscribed.","PeriodicalId":434315,"journal":{"name":"2010 International Conference on Intelligent Systems, Modelling and Simulation","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Attribute-Based Authorization for Grid Computing\",\"authors\":\"H. Khider, T. Osman, N. Sherkat\",\"doi\":\"10.1109/ISMS.2010.24\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"the development of adequate security solutions and in particular of authorization techniques for grid computing systems is a challenging task. Traditional security trends tried to overcome this problem by using a low-level access control policy which maps a user’s identity to a local account. This approach is not scalable and is hard to manage in a distributed environment. Current trends started adopting approaches that pass attributes for authorization instead of passing user’s credentials. The problem still hasn’t been solved completely primarily because it uses PKI (Public Key Infrastructure) user certificate for authorization, and the main problem with this approach is the inflexibility of the PKI infrastructure when it comes to open distributed systems (Grid). Additionally implementations of attribute-based authorization have largely adopted the XML based SAML (Security Assertion Markup Language) and XACML (eXtensible Access Control Markup Language) standards for authentication and authorization. The author investigates an approach that uses XACML for Authorizations and utilizes a proxy for the attribute authorityto allow for the distribution of attribute requests to numerous attribute authorities to whom the user is subscribed.\",\"PeriodicalId\":434315,\"journal\":{\"name\":\"2010 International Conference on Intelligent Systems, Modelling and Simulation\",\"volume\":\"59 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-01-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 International Conference on Intelligent Systems, Modelling and Simulation\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISMS.2010.24\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Intelligent Systems, Modelling and Simulation","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISMS.2010.24","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
the development of adequate security solutions and in particular of authorization techniques for grid computing systems is a challenging task. Traditional security trends tried to overcome this problem by using a low-level access control policy which maps a user’s identity to a local account. This approach is not scalable and is hard to manage in a distributed environment. Current trends started adopting approaches that pass attributes for authorization instead of passing user’s credentials. The problem still hasn’t been solved completely primarily because it uses PKI (Public Key Infrastructure) user certificate for authorization, and the main problem with this approach is the inflexibility of the PKI infrastructure when it comes to open distributed systems (Grid). Additionally implementations of attribute-based authorization have largely adopted the XML based SAML (Security Assertion Markup Language) and XACML (eXtensible Access Control Markup Language) standards for authentication and authorization. The author investigates an approach that uses XACML for Authorizations and utilizes a proxy for the attribute authorityto allow for the distribution of attribute requests to numerous attribute authorities to whom the user is subscribed.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
