Privacy-Preserving Attribute Distribution Mechanism for Access Control in a Grid

Author

Park, Sang M. ; Chung, Soon M.

Author_Institution

Dept. of Comput. Sci. & Eng., Wright State Univ., Dayton, OH, USA

fYear

2009

fDate

2-4 Nov. 2009

Firstpage

308

Lastpage

313

Abstract

This paper presents a privacy-preserving attribute distribution mechanism for an identity federation framework. Attribute-based access control (ABAC) is a highly flexible and scalable access control scheme which can deal with diverse security requirements in grid environment. However, in ABAC the user attributes delivered by the Identity Providers for authorization decisions may cause some privacy violation. We developed an attribute release control scheme that can improve the privacy protection capability of the current security systems in grids. The Shibboleth identity provider, GridShib, and Globus toolkit are used for our implementation.

Keywords

authorisation; data privacy; grid computing; Globus toolkit; Shibboleth identity provider; attribute-based access control; grid access control; identity federation framework; privacy-preserving attribute distribution mechanism; Access control; Artificial intelligence; Authentication; Authorization; Identity management systems; Privacy; Protection; Resource management; Scalability; Security; Grid; Shibboleth; attribute-based access control; privacy-preserving;

fLanguage

English

Publisher

ieee

Conference_Titel

Tools with Artificial Intelligence, 2009. ICTAI '09. 21st International Conference on

Conference_Location

Newark, NJ

ISSN

1082-3409

Print_ISBN

978-1-4244-5619-2

Electronic_ISBN

1082-3409

Type

conf

DOI

10.1109/ICTAI.2009.128

Filename

5364745