2005 | OriginalPaper | Buchkapitel
Grid Authorization Management Oriented to Large-Scale Collaborative Computing
verfasst von : Changqin Huang, Zhiting Zhu, Xianqing Wang, Deren Chen
Erschienen in: Computer Supported Cooperative Work in Design I
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In this paper, we propose Subtask-based Authorization Service (SAS) architecture to fully secure a type of application oriented to engineering and scientific computing. We minimize privileges for task by decomposing the parallel task and re-allotting the privileges required for each subtask. Community authorization module describes and applies community policies of resource permission and privilege for resource usage or task management. It separates proxy credentials from identity credentials. We adopt a relevant policy and task management delegation to describe rules for task management. The ultimate privileges are formed by the combination of relevant proxy credential, subtask-level privilege certificate and community policy for this user, as well as they conform to resource policy. To enforce the architecture, we extend the RSL specification and the proxy certificate, modify Globus’s gatekeeper, jobmanager and the GASS library to allow authorization callouts, and evaluate the user’s job management requests and job’s resource request in the context of policies.