A community authorization service for group collaboration

Top Cited Papers

Abstract

In "grids" and "collaboratories", we find distributed communities of resource providers and resource consumers, within which often complex and dynamic policies govern who can use which resources for which purpose. We propose a new approach to the representation, maintenance and enforcement of such policies that provides a scalable mechanism for specifying and enforcing these policies. Our approach allows resource providers to delegate some of the authority for maintaining fine-grained access control policies to communities, while still maintaining ultimate control over their resources. We also describe a prototype implementation of this approach and an application in a data management context.

Keywords

This publication has 14 references indexed in Scilit:

Proxy-based authorization and accounting for distributed systems
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2002
A logical language for expressing authorizations
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2002
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
The International Journal of High Performance Computing Applications, 2001
Secure virtual enclaves
ACM Transactions on Information and System Security, 2001
Translating Role-Based Access Control Policy within Context
Lecture Notes in Computer Science, 2001
The data grid: Towards an architecture for the distributed management and analysis of large scientific datasets
Journal of Network and Computer Applications, 2000
A security architecture for computational grids
Published by Association for Computing Machinery (ACM) ,1998
The reality of collaboratories
Computer Physics Communications, 1998
Secure end-to-end delegations in distributed systems
Computer Communications, 1994
The Design of a Capability-Based Distributed Operating System
The Computer Journal, 1986

Cited by 297 articles