1st International ICST Workshop on Security, Trust and Privacy in Grid Systems

Research Article

Platform to enforce multiple access control policy in grid hosting environment

  • @INPROCEEDINGS{10.1109/SECCOM.2007.4550332,
        author={Leonardo Mattes and Leonardo C. Militelli and Jo\"{a}o Antonio Zuffo},
        title={Platform to enforce multiple access control policy in grid hosting environment},
        proceedings={1st International ICST Workshop on Security, Trust and Privacy in Grid Systems},
        publisher={IEEE},
        proceedings_a={GRID-STP},
        year={2008},
        month={6},
        keywords={Access control  Distributed computing  Grid computing  Intrusion detection  Java  Logic  Resource management  Security  System testing  Technology management},
        doi={10.1109/SECCOM.2007.4550332}
    }
    
  • Leonardo Mattes
    Leonardo C. Militelli
    João Antonio Zuffo
    Year: 2008
    Platform to enforce multiple access control policy in grid hosting environment
    GRID-STP
    IEEE
    DOI: 10.1109/SECCOM.2007.4550332
Leonardo Mattes1,*, Leonardo C. Militelli1,*, João Antonio Zuffo1,*
  • 1: Laboratório de Sistemas Integráveis – Universidade de São Paulo (USP) Caixa Postal 15.064 – 91.501-970 – São Paulo – SP – Brazil
*Contact email: leo@lsi.usp.br, leonardo@lsi.usp.br, jazuffo@lsi.usp.br

Abstract

Computational grid aims to get a better improvement of the existents resources by the use of distributed and flexible systems. However, the utilization of this system brings new challenges in relation to security, requiring an access control service that can be adequate for different conditions of heterogeneous environments and allows its integration with pre existents mechanism. This work presents a flexible platform that integrates multiple policy models to enforce access control in grid hosting environments by controlling the actions of submitted applications. The results of the operational test show how the current platform can realize access control based on IDS systems and enforces a Least Privilege policy model.