Single sign-on and authorization for dynamic virtual organizations

Sinnott, R.O., Ajayi, O., Stell, A.J., Watt, J. , Jiang, J. and Koetsier, J. (2006) Single sign-on and authorization for dynamic virtual organizations. International Federation for Information Processing, 224, pp. 555-564. (doi: 10.1007/978-0-387-38269-2_58)

[img] Text


Publisher's URL:


The vision of the Grid is to support the dynamic establishment and subsequent management of virtual organizations (VO). To achieve this presents many challenges for the Grid community with perhaps the greatest one being security. Whilst Public Key Infrastructures (PKI) provide a form of single sign-on through recognition of trusted certification authorities, they have numerous limitations. The Internet2 Shibboleth architecture and protocols provide an enabling technology overcoming some of the issues with PKIs however Shibboleth too suffers from various limitations that make its application for dynamic VO establishment and management difficult. In this paper we explore the limitations of PKIs and Shibboleth and present an infrastructure that incorporates single sign-on with advanced authorization of federated security infrastructures and yet is seamless and targeted to the needs of end users. We explore this infrastructure through an educational case study at the National e-Science Centre (NeSC) at the University of Glasgow and Edinburgh.

Item Type:Articles
Additional Information:The original publication is available at
Glasgow Author(s) Enlighten ID:Stell, Mr Anthony and Jiang, Mr Jipu and Sinnott, Professor Richard and Watt, Dr John
Authors: Sinnott, R.O., Ajayi, O., Stell, A.J., Watt, J., Jiang, J., and Koetsier, J.
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
College/School:University Services > IT Services > Computing Service
Journal Name:International Federation for Information Processing
Journal Abbr.:IFIP
ISSN (Online):1861-2288
Published Online:09 June 2007
Copyright Holders:Copyright © 2006 Springer
First Published:First published in International Federation for Information Processing 224:555-564
Publisher Policy:Reproduced in accordance with the copyright policy of the publisher.

University Staff: Request a correction | Enlighten Editors: Update this record