GGF18 Schedule
GridWorld/GGF18
September 11-14, 2006
Washington DC, USA

Tuesday, September 12
4:00 pm - 5:30 pm
Security Talks (90 mins)
Dillaway (Microsoft), Tan (Monash) & Abramson (Monash)
View Participants

Blair Dillaway, Software Architect, Microsoft Corporation

"A Unified Approach to Trust, Delegation, and Authorization in Large-scale Grids" - Blaid Dillaway (Microsoft)
The development of large-scale, multi-domain, Grid computing environments has highlighted the need for fine-grained control over trust relationships and delegated access rights. Existing approaches do not fully satisfactory these needs. They typically lack precision and/or require an undesirable reliance on centralized administration to be effective. In addition, one finds multiple independent mechanisms, with disparate semantics, being used to manage trust, delegation and authorization. This makes it difficult to understand the effective security in large distributed systems and complicates their management.

In this talk, we will present results from recent work focused on providing a more flexible and effective means of securing complex distributed systems. This led to the development of a unified approach for specifying trust, delegation, and authorization policies as well as security assertions about principals in the system. We will show how this can be used to express federated trusts, delegated access rights, and authorization policies applicable to Grid requirements and discuss its ability to support various operational models. An implementation will be demonstrated that uses an XML-based encoding of security policies and security tokens and fits naturally into a web services-based environment. We will walk through several examples showing how one can use this technology, along with a logic-based authorization algorithm we've developed, to achieve a highly flexible and uniform approach to controlling resource access in large-scale Grids.

Location: 147B
 
Rate This Session:
Rating: Comments:

 
    Slides:     Unified Approach to Trust, Delegation, and Authorization in Grids

> login   RSS RSS Contact Webmaster

OGFSM, Open Grid ForumSM, Grid ForumSM, and the OGF Logo are trademarks of OGF