• DocumentCode
    2552386
  • Title

    Policy administration control and delegation using XACML and Delegent

  • Author

    Seitz, Ludwig ; Rissanen, Erik ; Sandholm, Thomas ; Firozabadi, Babak Sadighi ; Mulmo, Olle

  • Author_Institution
    LIRIS, INSA, Lyon, France
  • fYear
    2005
  • fDate
    13-14 Nov. 2005
  • Abstract
    In this paper we present a system permitting controlled policy administration and delegation using the XACML access control system. The need for these capabilities stems from the use of XACML in the SweGrid Accounting System, which is used to enforce resource allocations to Swedish research projects. Our solution uses a second access control system Delegent, which has powerful delegation capabilities. We have implemented limited XML access control in Delegent, in order to supervise modifications of the XML-encoded XACML policies. This allows us to use the delegation capabilities of Delegent together with the expressive access level permissions of XACML.
  • Keywords
    XML; accounting; authorisation; grid computing; Delegent; SweGrid Accounting System; XACML access control system; XML access control; XML-encoded XACML policies; access level permissions; grid computing; policy administration control; policy delegation; resource allocation; Access control; Authorization; Computer networks; Control systems; Grid computing; Peer to peer computing; Permission; Resource management; Silicon carbide; XML;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Grid Computing, 2005. The 6th IEEE/ACM International Workshop on
  • Print_ISBN
    0-7803-9492-5
  • Type

    conf

  • DOI
    10.1109/GRID.2005.1542723
  • Filename
    1542723
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2552386