Journal of information and communication convergence engineering

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지

A Study on User Authorization for Grid Resources

  • Published : 2004.06.01
Download PDF
⟨ Previous Next ⟩

Abstract

We suggest resource authorization system based on RBAC admitting someone to access resources. In existing grid environment, The authorization mechanism on user's resource is to give users an authority on the basis of DN(Distinguished Name) of proxy certificate and map file mapped in local system ID by one-to-one. In this case, it is difficulty in resource management such as each accounting management, memory resource, and disk resource, if the number of users, who want to use them is increased. To solve this problem, we specify the role of user's task in extension fields of his proxy certificate instead of the authorization mechanism of user's ID and propose resource authorization system being able to access his resource.

Keywords

References

  1. Randy Butler Von Welch, Douglas Engert, Ian Foster, Steven Tuecke, John Volmer, Garl Kesselman, 'A National-Scale Authentication Infrastructure', IEEE, December. 2000. pp. 60-6
  2. IETF, 'GSS-API Extensions', Internet Draft, February 2002
  3. IETF, 'Internet X.509 Public Key Infrastructure Proxy Certificate Profile', RFC 2459, August 2001
  4. IETF, 'Internet X.509 Public Key Infrastructure Certificate Management Protocol', RFC 2510, March 1999
  5. Czajkowski, K., Fitzgerald, S., Foster, I. and Kesselman, C. 'Grid Information Services for Distributed Resource Sharing', 2001
  6. Gyung-Woo Kang, Hyung-Woo Park, 'A Trends of Research and Implementation in Grid', Communication of the Korea Information Science Society, Vol 20, No.2 pp.27, 2002. 2
  7. Foster, I., C. Kesselman, and S. Tuecke, 'The Anatomy of the Grid: Enabling Scalable Virtual Organizations,' International Journal of Supercomputer Applications, 2001
  8. http://www.gridforum.org/2_SEC/SEC.htm
  9. http://www-unix.globus.org/toolkit/
  10. Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman 'Role-Based Access Control Models', IEEE Computer, vol. 29, no. 2, Feb. 1996
  11. Ravi S. Sandhu, 'Role-Based Access Control Features in Commercial Database Management Systems', Proceedings of NISSC, 1998