Using SAML and XACML for Complex Authorisation Scenarios in Dynamic Resource Provisioning | IEEE Conference Publication | IEEE Xplore

Using SAML and XACML for Complex Authorisation Scenarios in Dynamic Resource Provisioning


Abstract:

This paper presents ongoing research and current results on the development of flexible access control infrastructures for complex resource provisioning in grid-based collaborative applications and on-demand network services provisioning. The paper identifies basic resource provisioning models and specifies the major requirements for an authorisation (AuthZ) service infrastructure to support these models, focusing on two main issues: AuthZ session support and policy expression for complex resource models. For the practical implementation, we investigate the use of two popular standards, SAML and XACML, for complex authorisation scenarios in dynamic resource provisioning across multiple administrative and security domains. The paper describes a proposed XML-based AuthZ ticket format that is capable of supporting extended AuthZ session context. Additionally, the paper discusses what specific functionality should be added to existing grid-oriented authorisation frameworks to handle dynamic domain-related security context, including AuthZ session support. The paper is based on experiences gained from major grid-based and grid-oriented projects such as EGEE, NextGrid, Phosphorus and GigaPort research on network
Date of Conference: 10-13 April 2007
Date Added to IEEE Xplore: 23 April 2007
Print ISBN: 0-7695-2775-2
Conference Location: Vienna, Austria

1. Introduction

The research community and processing industry make extensive use of advanced computing resources and unique equipment, which are associated and virtualised in the form of a Virtual Laboratory (VL) or Virtual Organisation (VO). Such a virtualisation of resources and users can be created dynamically on demand using available Grid technologies and middleware, based on an experiment or service agreement, and terminated once the experiment has been completed or the service/resource has been delivered or consumed. An important component of the distributed VL infrastructure is a dedicated network infrastructure that should also be provisioned on demand. Both VL workspace and on-demand network infrastructure provisioning can be considered particular cases of general Complex Resource Provisioning (CRP).

Cites in Papers - Other Publishers (2)

1. Andreas Klenk, Tobias Heide, Benoit Radier, Mikael Salaun, Georg Carle, Kommunikation in Verteilten Systemen (KiVS), pp.253, 2009.
2. Yuri Demchenko, Olle Mulmo, Leon Gommans, Cees de Laat, Alfred Wan, "Dynamic security context management in Grid-based applications", Future Generation Computer Systems, vol.24, no.5, pp.434, 2008.