Title :
Workflow-based authorization service in grid
Author :
Kim, Seung-Hyun ; Kim, Jong ; Hong, Sung-Je ; Kim, Sangwan
Author_Institution :
Dept. of Comput. Sci. & Eng., Pohang Univ. of Sci. & Technol., South Korea
Abstract :
In a distributed environment, specific rights may be required while a task is controlled and processed. A user should delegate enough rights to a task for processing. Tasks cannot work correctly if delegated rights are insufficient, or security threats may occur if delegated rights are excessive. Restricted delegation is the step that delegates proper rights to a task, and that enables finegrained authorization in grid. We propose WAS architecture as the method for supporting restricted delegation and rights management. In contrast to traditional architecture, WAS architecture uses a workflow that describes the sequence of rights required for normal execution of a task. By using the workflow, WAS architecture is able to check whether the task exercises allowed rights. WAS architecture is implemented on Globus toolkit 2.0.
Keywords :
authorisation; computer crime; distributed processing; grid computing; message authentication; open systems; delegated rights; fine-grained authorization; grid computing; open systems; restricted delegation; security threats; workflow-based authorization service architecture; Authentication; Authorization; Computer architecture; Computer science; Conferences; Content addressable storage; Grid computing; Information security; Process control;
Conference_Titel :
Grid Computing, 2003. Proceedings. Fourth International Workshop on
Print_ISBN :
0-7695-2026-X
DOI :
10.1109/GRID.2003.1261703
