Title :
A community authorization service for group collaboration
Author :
Pearlman, Laura ; Welch, Von ; Foster, Ian ; Kesselman, Carl ; Tuecke, Steven
Author_Institution :
Inf. Sci. Inst., Univ. of Southern California, Los Angeles, CA, USA
Abstract :
In "grids" and "collaboratories", we find distributed communities of resource providers and resource consumers, within which often complex and dynamic policies govern who can use which resources for which purpose. We propose a new approach to the representation, maintenance and enforcement of such policies that provides a scalable mechanism for specifying and enforcing these policies. Our approach allows resource providers to delegate some of the authority for maintaining fine-grained access control policies to communities, while still maintaining ultimate control over their resources. We also describe a prototype implementation of this approach and an application in a data management context
Keywords :
DP management; authorisation; distributed programming; groupware; resource allocation; authority delegation; collaboratories; community authorization service; complex dynamic policies; computational grids; data management; distributed communities; fine-grained access control policies; group collaboration; policy enforcement; policy maintenance; policy representation; policy specification; prototype implementation; resource consumers; resource providers; scalable mechanism; ultimate resource control; Authorization; Collaboration; Collaborative software; Computer science; Electrical capacitance tomography; Identity-based encryption; Intrusion detection; Mathematics; Prototypes; Resource management;
Conference_Titel :
Policies for Distributed Systems and Networks, 2002. Proceedings. Third International Workshop on
Conference_Location :
Monterey, CA
Print_ISBN :
0-7695-1611-4
DOI :
10.1109/POLICY.2002.1011293
