Access control strategies for virtualized environments in grid computing systems

Anna Squicciarini, Elisa Bertino, Sebastien Goasguen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

The development of adequate security solutions and in particular of authentication and authorization techniques for grid computing systems is a challenging task. Challenges arise from the heterogeneity of users, the presence of multiple security administration entities, the heterogeneity of security techniques used at the various grid hosts, the scalability requirements, and the need for high-level policies concerning resource sharing. Recent trends, like accessing grid through science gateways and the use of virtual organizations (VO) for managing user communities, further complicate the problem of security for grid computing systems. Currently, the GSI component developed as part of the Globus Toolkit, the de-facto standard for grid infrastructures is not fully suited to meet those challenges. The main drawback of such an approach is that it relies on a low level identity-based authorization scheme. A low-level access control policy maps a user's identity (distinguished name) to a local account. Such approach does not scale and does not address many of the outlined requirements. We thus need security solutions that go beyond the simple solutions currently in use. The goal of this paper is to make a first step towards such solutions. The paper discusses and analyzes authentication and authorization solutions that better fit novel grid infrastructures characterized by virtual organizations and science gateways. Some of these solutions derive from ongoing work in current grid infrastructure projects; others are new proposals that we think worthy of discussion. In particular, we analyze the solutions proposed as part of the GridShib and the VO Privilege projects

Original languageEnglish (US)
Title of host publicationProceedings - FTDCS 2007
Subtitle of host publication11th IEEE International Workshop on Future Trends of Distributed Computing Systems
Pages48-54
Number of pages7
DOIs
StatePublished - Aug 2 2007
EventFTDCS 2007: 11th IEEE International Workshop on Future Trends of Distributed Computing Systems - Sedona, AZ, United States
Duration: Mar 21 2007Mar 23 2007

Publication series

NameProceedings of the IEEE Computer Society Workshop on Future Trends of Distributed Computing Systems

Other

OtherFTDCS 2007: 11th IEEE International Workshop on Future Trends of Distributed Computing Systems
CountryUnited States
CitySedona, AZ
Period3/21/073/23/07

All Science Journal Classification (ASJC) codes

  • Engineering(all)
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Access control strategies for virtualized environments in grid computing systems'. Together they form a unique fingerprint.

Cite this