Bezpečné logistické sítě ve virtuálních organizacích

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F07%3A00022477" target="_blank" >RIV/00216224:14610/07:00022477 - isvavai.cz</a>

Výsledek na webu

—

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

Secure Logistical Networking in Virtual Organizations

Popis výsledku v původním jazyce

In this paper, we propose an architecture that extends Logistical Networking to use Grid authentication and authorization services. Our architecture guarantees that user is authenticated to all services included in network storage stack, the authorization granularity is also at the service level and all authorizations can be revoked at any moment by service providers. We also support access policies. These can limit maximum amount of distributed storage space allocated to a user or group of users or they can limit the maximum amount of time the client can keep his data within the distributed storage. Advanced access control to files is supported, administrators can define access conditions. The prototype implementation has been used to evaluate overhead associated with the security enhancement. This overhead is negligible for Auth, Allocate, Load, and Store commands if only capabilities are encrypted, the Copy command has a penalty of some 10ms (rather negligible for large data transfe

Název v anglickém jazyce

Secure Logistical Networking in Virtual Organizations

Popis výsledku anglicky

In this paper, we propose an architecture that extends Logistical Networking to use Grid authentication and authorization services. Our architecture guarantees that user is authenticated to all services included in network storage stack, the authorization granularity is also at the service level and all authorizations can be revoked at any moment by service providers. We also support access policies. These can limit maximum amount of distributed storage space allocated to a user or group of users or they can limit the maximum amount of time the client can keep his data within the distributed storage. Advanced access control to files is supported, administrators can define access conditions. The prototype implementation has been used to evaluate overhead associated with the security enhancement. This overhead is negligible for Auth, Allocate, Load, and Store commands if only capabilities are encrypted, the Copy command has a penalty of some 10ms (rather negligible for large data transfe

Druh

D - Stať ve sborníku

CEP obor

IN - Informatika

OECD FORD obor

—

Projekt

—

Návaznosti

Z - Vyzkumny zamer (s odkazem do CEZ)

Rok uplatnění

2007

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Cracow'06 Grid Workshop

ISBN

83-915141-7-X

ISSN

—

e-ISSN

—

Počet stran výsledku

9

Strana od-do

450-458

Název nakladatele

Academic Computer Centre CYFRONET AGH

Místo vydání

Krakow, Polsko

Místo konání akce

Krakow, Polsko

Datum konání akce

15. 10. 2006

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—