Workflow-based authorization service in the grid

Seung Hyun Kim; Kyong Hoon Kim; Jong Kim; Sung Je Hong; Sangwan Kim

doi:10.1007/s10723-004-2080-1

Workflow-based authorization service in the grid

Seung Hyun Kim, Kyong Hoon Kim, Jong Kim, Sung Je Hong, Sangwan Kim

Research output: Contribution to journal › Article › peer-review

3 Scopus citations

Abstract

In a distributed environment, a specific right may be required while a task is controlled and processed. A user should delegate enough rights to a task for processing. Tasks cannot work correctly if delegated rights are insufficient, or security threats may occur if delegated rights are excessive. Restricted delegation is the step that delegates proper rights to a task, and that enables fine-grained authorization in the Grid. In this paper, we propose the WAS architecture as a method for supporting restricted delegation and rights management. In contrast to traditional architecture, the WAS architecture uses a workflow that describes the sequence of rights required for normal execution of a task. By using the workflow, the WAS architecture is able to check whether the task exercises allowed rights. The WAS architecture is implemented on Globus toolkit 2.0 and extended on Globus toolkit 3.0.

Original language	English
Pages (from-to)	43-55
Number of pages	13
Journal	Journal of Grid Computing
Volume	2
Issue number	1
DOIs	https://doi.org/10.1007/s10723-004-2080-1
State	Published - 2004

Keywords

Fine-grained authorization service
Grid security
Restricted delegation
Workflow-based authorization

Access to Document

10.1007/s10723-004-2080-1

Cite this

@article{66b4250372f74ae49002bb070fe7449a,

title = "Workflow-based authorization service in the grid",

abstract = "In a distributed environment, a specific right may be required while a task is controlled and processed. A user should delegate enough rights to a task for processing. Tasks cannot work correctly if delegated rights are insufficient, or security threats may occur if delegated rights are excessive. Restricted delegation is the step that delegates proper rights to a task, and that enables fine-grained authorization in the Grid. In this paper, we propose the WAS architecture as a method for supporting restricted delegation and rights management. In contrast to traditional architecture, the WAS architecture uses a workflow that describes the sequence of rights required for normal execution of a task. By using the workflow, the WAS architecture is able to check whether the task exercises allowed rights. The WAS architecture is implemented on Globus toolkit 2.0 and extended on Globus toolkit 3.0.",

keywords = "Fine-grained authorization service, Grid security, Restricted delegation, Workflow-based authorization",

author = "Kim, \{Seung Hyun\} and Kim, \{Kyong Hoon\} and Jong Kim and Hong, \{Sung Je\} and Sangwan Kim",

year = "2004",

doi = "10.1007/s10723-004-2080-1",

language = "English",

volume = "2",

pages = "43--55",

journal = "Journal of Grid Computing",

issn = "1570-7873",

publisher = "Springer Netherlands",

number = "1",

}

TY - JOUR

T1 - Workflow-based authorization service in the grid

AU - Kim, Seung Hyun

AU - Kim, Kyong Hoon

AU - Kim, Jong

AU - Hong, Sung Je

AU - Kim, Sangwan

PY - 2004

Y1 - 2004

N2 - In a distributed environment, a specific right may be required while a task is controlled and processed. A user should delegate enough rights to a task for processing. Tasks cannot work correctly if delegated rights are insufficient, or security threats may occur if delegated rights are excessive. Restricted delegation is the step that delegates proper rights to a task, and that enables fine-grained authorization in the Grid. In this paper, we propose the WAS architecture as a method for supporting restricted delegation and rights management. In contrast to traditional architecture, the WAS architecture uses a workflow that describes the sequence of rights required for normal execution of a task. By using the workflow, the WAS architecture is able to check whether the task exercises allowed rights. The WAS architecture is implemented on Globus toolkit 2.0 and extended on Globus toolkit 3.0.

AB - In a distributed environment, a specific right may be required while a task is controlled and processed. A user should delegate enough rights to a task for processing. Tasks cannot work correctly if delegated rights are insufficient, or security threats may occur if delegated rights are excessive. Restricted delegation is the step that delegates proper rights to a task, and that enables fine-grained authorization in the Grid. In this paper, we propose the WAS architecture as a method for supporting restricted delegation and rights management. In contrast to traditional architecture, the WAS architecture uses a workflow that describes the sequence of rights required for normal execution of a task. By using the workflow, the WAS architecture is able to check whether the task exercises allowed rights. The WAS architecture is implemented on Globus toolkit 2.0 and extended on Globus toolkit 3.0.

KW - Fine-grained authorization service

KW - Grid security

KW - Restricted delegation

KW - Workflow-based authorization

UR - https://www.scopus.com/pages/publications/84855384707

U2 - 10.1007/s10723-004-2080-1

DO - 10.1007/s10723-004-2080-1

M3 - Article

AN - SCOPUS:84855384707

SN - 1570-7873

VL - 2

SP - 43

EP - 55

JO - Journal of Grid Computing

JF - Journal of Grid Computing

IS - 1

ER -

Workflow-based authorization service in the grid

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this