Information Technology Reference
In-Depth Information
the attribute release policies, attribute acceptance policies, and how they
might be implemented can be achieved.
In addition to these efforts, the web service standards community
OASIS, IETF, and W3C among numerous others are producing a plethora
of specii cations, which, in principle,
could help simplify grid security;
however, there is still considerable l uidity in these developments with
partial/draft specii cations, full specii cations, and a variety of implemen-
tations existing. Single sign-on solutions to services at numerous sites, and
complementary efforts within the Liberty Alliance consortia offer poten-
tial solutions of direct relevance to the grid community in its move toward
web-based solutions and service-oriented architectures. Similarly, the Web
2.0 community through efforts such as OpenId [38] is proposing yet more
security solutions. The security future thus remains in considerable l ux.
References
1. R. Housley and T. Polk,
Planning for PKI: Best Practices Guide for Deploying
Public Key Infrastructures
, Wiley Computer Publishing, New York, 2001.
2. ITU-T Recommendation X.509 (2001) Information Technology— Open
Systems Interconnection—Public-Key and Attribute Certii cate Frameworks.
ISO/IEC 9594-8: 2001.
3. Internet2 Shibboleth Initiative. Available at: http://shibboleth.internet2.edu.
4. UK e-Science National Grid Service. Available at: http://www.ngs.ac.uk.
5. UK e-Science Certii cation Authority. Available at: http://www.grid- support.
ac.uk/ca.
6. Globus project. Available at: http://www.globus.org.
7. Globus Grid Security Infrastructure (GSI). Available at: http://www.globus.
org/toolkit/docs/4.0/security.
8. R. Sandhu, E.J. Coyne, H.L. Feinstein, H.L. and C.E. Youman, “Role-based
access control models,”
IEEE Computer
, 29 (2), 38-47, 1996.
9. OASIS, Assertions and Protocol for the OASIS Security Assertion Markup
Language (SAML) v.1, September 2003. Available at: http://www.oasis-
open.org/specs/#samlv1.0.
10. W3C Simple Object Access Protocol. Available at: http://www.w3.org/TR/
soap.
11. MyProxy Credential Management Service. Available at: http://grid.ncsa.uiuc.
edu/myproxy.
12. L. Pearlman, V. Welch, I. Foster, C. Kesselman, and S. Tuecke, “A community
authorization service for group collaboration,” in
Proceedings of 3rd IEEE
International Workshop on Policies for Distributed Systems and Networks
,
pp. 50-59, Monterey, CA, 2002.
13. R. Ali eri et al.,
Managing Dynamic User Communities in a Grid of Autonomous
Resources
, Conference for Computing in High-Energy and Nuclear Physics
(CHEP), La Jolla, San Diego, March, 2003.
Search WWH ::
Custom Search