
Publication Abstract

Architecture for a Secure Distributed Repository

Haupt, T., Kalyanasundaram, A., & Zhuk, I. (2006). Architecture for a Secure Distributed Repository. 7th IEEE/ACM International Conference on Grid Computing. Barcelona, Spain: IEEE/ACM Press. 170-177.

This paper presents and discusses the design and implementation of authorization mechanisms for a data repository service for Grid environments that supports secure sharing of possibly confidential data by members of ad-hoc created groups. Such a system requires the separation of the repository into independent components, thus adding to the complexity of the authorization mechanisms that protect both the storage service against unauthorized and possibly malicious use, and the intellectual property and confidentiality of the user's data. The solution proposed here extends the VOMS architecture, which is preferred over the other architectures for efficiency. The authorization is group-based, with a Group Membership Authorization Service responsible for maintaining the user roles in a virtual organization (i.e., the membership in a group). The user can now securely access data in a distributed repository by collecting SAML assertions from the component services and creating a complete assertion document that allows it to retrieve data from a data service.