Single Sign-On in In-VIGO: Role-Based Access via Delegation Mechanisms Using Short-Lived User Identities

Santa Fe, New Mexico April 26-April 30

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/IPDPS.2004.1302930

18th International Parallel and Distr ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Sumalatha Adabala Articles by Andr? Matsunaga Articles by Maur?cio Tsugawa Articles by Renato Figueiredo Articles by Jos? A. B. Fortes

	ASCII Text	x
	Sumalatha Adabala, Andr? Matsunaga, Maur?cio Tsugawa, Renato Figueiredo, Jos? A. B. Fortes, "Single Sign-On in In-VIGO: Role-Based Access via Delegation Mechanisms Using Short-Lived User Identities," Parallel and Distributed Processing Symposium, International, vol. 1, pp. 22b, 18th International Parallel and Distributed Processing Symposium (IPDPS'04) - Papers, 2004.

	BibTex	x
	@article{ 10.1109/IPDPS.2004.1302930, author = {Sumalatha Adabala and Andr? Matsunaga and Maur?cio Tsugawa and Renato Figueiredo and Jos? A. B. Fortes}, title = {Single Sign-On in In-VIGO: Role-Based Access via Delegation Mechanisms Using Short-Lived User Identities}, journal ={Parallel and Distributed Processing Symposium, International}, volume = {1}, year = {2004}, isbn = {0-7695-2132-0}, pages = {22b}, doi = {http://doi.ieeecomputersociety.org/10.1109/IPDPS.2004.1302930}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel and Distributed Processing Symposium, International TI - Single Sign-On in In-VIGO: Role-Based Access via Delegation Mechanisms Using Short-Lived User Identities SN - 0-7695-2132-0 SP EP A1 - Sumalatha Adabala, A1 - Andr? Matsunaga, A1 - Maur?cio Tsugawa, A1 - Renato Figueiredo, A1 - Jos? A. B. Fortes, PY - 2004 KW - null VL - 1 JA - Parallel and Distributed Processing Symposium, International ER -

Sumalatha Adabala, University of Florida

Andr? Matsunaga, University of Florida

Maur?cio Tsugawa, University of Florida

Renato Figueiredo, University of Florida

Jos? A. B. Fortes, University of Florida

Single Sign-On (SSO) is an essential desired feature of computational grids. Its implementation is challenging because resources cross administrative domains and are managed by heterogeneous access schemes. This paper presents an approach for Single Sign-On in a deployed functioning grid called In-VIGO. The approach relies on decoupling grid user accounts from local user accounts and making use of role-based access control lists. Role-based accesses via delegation mechanisms using short-lived user identities enable In-VIGO to handle interactive applications and application-specific authentication mechanisms. This capability is not present in existing grid architectures. SSO implementations for usage scenarios in In-VIGO are described to highlight the applicability of the proposed approach. In particular, access to interactive applications with their own security mechanisms, such as VNC, and access to remote data can be achieved using proxies that delegate In-VIGO user access via short-lived user identities.

Citation:

Sumalatha Adabala, Andr? Matsunaga, Maur?cio Tsugawa, Renato Figueiredo, Jos? A. B. Fortes, "Single Sign-On in In-VIGO: Role-Based Access via Delegation Mechanisms Using Short-Lived User Identities," ipdps, vol. 1, pp.22b, 18th International Parallel and Distributed Processing Symposium (IPDPS'04) - Papers, 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.