Screenshot
Future concepts of authentication and authorization in grid computing
An Outlook by the example of D-Grid Achieving Sustainability for Grids
English
Videovortrag
Erstellt am: 19.03.2009
Aktivität: 

(0 Bewertung(en))

Flash
00:42:31
208 MB
Keywords: Sicherheit, VOMS, D-Grid
Zusammenfassung:

Different Grid infrastructures, as well as the German Grid Initiative (D-Grid), currently rely on simple identity-based mechanisms to authorize their users by mapping identities represented by user certificates to local system accounts. This simple way of authorization more and more meets its limits and new more fine-grained mechanisms for authorization have to be identified and implemented. An up-and-coming approach to authorization is attribute-based authorization, as the generalization of Role Based Access Control (RBAC), which comes to authorization decisions based on user attributes. Attribute Authorities (AA) make user attributes available. In D-Grid currently the Virtual Organization Membership Service (VOMS) is the only available AA, but it is also aspired to use campus attributes for authorization made available by users’ home organizations via Internet2’s Shibboleth. Additionally home organizations’ identity management can be used for authentication of Grid users by mapping registered identities to Short-Lived Certificates, which in turn can be used for Grid authentication.
Zielgruppe:

Mitarbeiter/innen von Rechenzentren, IT-Spezialist/innen in kleineren und mittleren Unternehmen, Anwender/innen, Fachleute der Grid-Community
Voraussetzungen:

Browser mit Flash-Plugin, Soundkarte, Audiozubehör
Copyright:

Benjamin Henne
Credits:

SuGI
Dieses Dokument ist Bestandteil folgender Dokumentsammlungen: