By Topic

Authorization for metacomputing applications

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Gheorghiu, G. ; Inf. Sci. Inst., Univ. of Southern California, Marina del Rey, CA, USA ; Ryutov, T. ; Neuman, B.C.

One of the most difficult problems to be solved by metacomputing systems is to ensure strong authentication and authorization. The problem is complicated since the hosts involved in a metacomputing environment often span multiple administrative domains, each with its own security policy. This paper presents a distributed authorization model used by our resource allocation system, the Prospero resource manager. The main components of our design are extended access control lists (EACLs) and a general authorization and access application programming interface (GAA API). EACLs extend conventional ACLs to allow conditional restrictions on access rights. In the case of the Prospero resource manager, specific restrictions include limits on the computational resources to be consumed and on the characteristics of the applications to be executed by the system, such as name, version or endorser. The GAA API provides a general framework for applications to access the EACLs. We have built a prototype of the system

Published in:

High Performance Distributed Computing, 1998. Proceedings. The Seventh International Symposium on

Date of Conference:

28-31 Jul 1998