Skip to Main Content
In a distributed environment, specific rights may be required while a task is controlled and processed. A user should delegate enough rights to a task for processing. Tasks cannot work correctly if delegated rights are insufficient, or security threats may occur if delegated rights are excessive. Restricted delegation is the step that delegates proper rights to a task, and that enables finegrained authorization in grid. We propose WAS architecture as the method for supporting restricted delegation and rights management. In contrast to traditional architecture, WAS architecture uses a workflow that describes the sequence of rights required for normal execution of a task. By using the workflow, WAS architecture is able to check whether the task exercises allowed rights. WAS architecture is implemented on Globus toolkit 2.0.