Using SAML Callout to Realize Access Restriction for Geospatial Grid Services
It is currently one of the hottest research areas of geospatial informatics to integrate OGC specifications with Globus-based Grid technology to develop geospatial Grid. In Grid systems, the security of resources outsourced from multiple organizations is very critical. However, the authorization mechanisms provided in the Globus Toolkit cannot realize the fine-grained and geospatial access control requirements of geospatial Grid Services. In this paper, we employ the GeoXACML specification to define geospatial access control policies and rules. In addition, we take advantage of the SAML Callout mechanism in the Globus Toolkit to resort to the thirdparty authorization service to secure the access to geospatial Grid services. The outer authorization service makes access decisions against GeoXACML-formatted policies and rules, which are defined according to the specific access control requirements. The system reference framework is also proposed and its components and control flow are explained.
Grid Access Control Geospatial Semantics GeoXACM SAML Callout PERMIS
Jiayuan LIN Yu FANG Bin CHEN
Institute of Remote Sensing and GIS Peking University Beijing, P.R.China
国际会议
第七届网格与协同计算国际会议(Seventh International Conference on Grid and Cooperative Computing GCC 2008)
深圳
英文
583-588
2008-10-24(万方平台首次上网日期,不代表论文的发表时间)