Dynamic privilege management infrastructures utilising secure attribute exchange

Watt, J., Sinnott, R.O. and Stell, A.J. (2005) Dynamic privilege management infrastructures utilising secure attribute exchange. In: Cox, S.J. and Walker, D.W. (eds.) Proceedings of the UK e-Science All Hands Meeting 2005: Nottingham, UK : 19th - 22nd September 2005. Engineering and Physical Sciences Research Council: Swindon. ISBN 9781904425557

Full text not currently available from Enlighten.


Technologies which implement dynamic privilege management infrastructures will be crucial to the secure sharing of resources on the Grid, especially as the number of resources and participating sites increases. The DyVOSE project has successfully deployed Grid services secured with the PERMIS authorisation software implementing a static Privilege Management Infrastructure (PMI) model. The second stage of this project focuses on the extension of the current PERMIS infrastructure to include dynamic delegation of authority and cross-certification of institutional security policies. This paper describes the existing static PMI that has been used within the Grid Computing module as part of the advanced MSc at Glasgow University. We also outline an e-Science education use case that will be used to highlight how dynamic PMIs can be established using an extended version of PERMIS and utilising the Internet2 Shibboleth software to transfer user attributes and authentication tokens across institutional boundaries. This work addresses one of the key challenges in the Grid, supporting the dynamic establishment of secure Virtual Organisations (VOs).

Item Type:Book Sections
Glasgow Author(s) Enlighten ID:Stell, Mr Anthony and Watt, Dr John and Sinnott, Professor Richard
Authors: Watt, J., Sinnott, R.O., and Stell, A.J.
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
College/School:University Services > IT Services > Computing Service
Publisher:Engineering and Physical Sciences Research Council

University Staff: Request a correction | Enlighten Editors: Update this record