By Topic

Using SAML and XACML for Complex Authorisation Scenarios in Dynamic Resource Provisioning

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Demchenko, Y. ; Syst. & Network Eng. Group, Amsterdam Univ. ; Gommans, L. ; de Laat, C.

This paper presents ongoing research and current results on the development of flexible access control infrastructures for complex resource provisioning in grid-based collaborative applications and on-demand network services provisioning. The paper identifies basic resource provisioning models and specifies major requirements to authorisation (AuthZ) service infrastructure to support these models and focus on two main issues - AuthZ session support and policy expression for complex resource models. For the practical implementation, we investigate the use of two popular standards SAML and XACML for complex authorisation scenarios in dynamic resource provisioning across multiple administrative and security domains. The paper describes a proposed XML based AuthZ ticket format that is capable of supporting extended AuthZ session context. Additionally, the paper discusses what specific functionality should be added to existing grid-oriented authorization frameworks to handle dynamic domain-related security context including AuthZ session support. The paper is based on experiences gained from major grid based and grid oriented projects such as EGEE, NextGrid, Phosphorus and GigaPort research on network

Published in:

Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on

Date of Conference:

10-13 April 2007