Chadwick, David W. and Zhao, G.S. and Otenko, Sassa and Laborde, R. and Su, Linying and Nguyen, Tuan Anh (2006) Building a Modular Authorization Infrastructure. In: All Hands Meeting. .
Authorization infrastructures manage privileges and render access control decisions, allowing applications to adjust their behavior according to the privileges allocated to users. This paper describes the PERMIS role based authorization infrastructure along with its conceptual authorisation, access control, and trust models. PERMIS has the novel concept of a credential validation service, which verifies a user’s credentials prior to access control decision making and enables the distributed management of credentials. Details of the design and the implementation of PERMIS are presented along with details of its integration with Globus Toolkit, Shibboleth and GridShib. A comparison of PERMIS with other authorization and access control implementations is given, along with our plans for the future.
|Item Type:||Book section|
|Additional information:||Available from : http://www.allhands.org.uk/2006/proceedings/papers/677.pdf|
|Uncontrolled keywords:||security, authorization, PERMIS|
|Subjects:||Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,|
|Divisions:||Faculties > Science Technology and Medical Studies > School of Computing > Security Group|
|Depositing User:||Mark Wheadon|
|Date Deposited:||24 Nov 2008 18:03|
|Last Modified:||31 Jul 2012 11:51|
|Resource URI:||http://kar.kent.ac.uk/id/eprint/14430 (The current URI for this page, for reference purposes)|
- Depositors only (login required):