Chadwick, David W. (2003) An Authorisation Interface for the GRID. In: E-Science All Hands Meeting 2003, Nottingham, 2003, Nottingham.
|The full text of this publication is not available from this repository. (Contact us about this Publication)|
The provision of one or more separate authorisation infrastructures, comparable to the existing Grid authentication infrastructure, is desirable, since it will allow Grid applications to plug and play different authorisation infrastructures in order to choose the best one for their needs. The first half of this paper describes the features that are needed from this interface. Whilst it is possible to standardise every conceivable feature of this interface, it is not practical in the short term, since no existing authorisation infrastructure could easily comply with it, nor are we yet sure of the full set of requirements. Rather, this paper presents the basic minimum set of features that are needed to provide an initial plug and play functionality. Other features, such as a management interface, may be standardised in the future, whilst yet other features may continue to be met in an implementation specific manner. The second half of this paper provides a brief introduction to the Security Assertions Markup Language (SAML) and says how each of the initial authorisation interface requirements can be met by either the basic SAMLv1.0 specification or by extensions to it. The paper concludes by anticipating the future standardisation effort that will be needed to completely specify an authorisation interface for the Grid.
|Item Type:||Conference or workshop item (UNSPECIFIED)|
|Subjects:||Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,|
|Divisions:||Faculties > Science Technology and Medical Studies > School of Computing > Security Group|
|Depositing User:||Mark Wheadon|
|Date Deposited:||24 Nov 2008 18:00|
|Last Modified:||15 Mar 2009 19:59|
|Resource URI:||http://kar.kent.ac.uk/id/eprint/13915 (The current URI for this page, for reference purposes)|
- Depositors only (login required):