— Access control in computational grids is typically provided by a combination of identity certificates and local accounts. This approach does not scale as the number of users and resources increase. Moreover, identity-based access control is not sufficient because users and resources may reside in different security domains and may not have pre-existing knowledge about one another. Trust negotiation is well-suited for Grid computing because it allows participants to establish mutual trust based on attributes other than identity. The Adaptive Trust Negotiation and Access Control (ATNAC) framework addresses the problem of access control in open systems by protecting itself from adversaries who may want to misuse, exhaust or deny service to resources. ATNAC is based on the GAA-API, which provides adaptive access control capturing dynamically changing system security requirements. The GAAAPI utilizes TrustBuilder to establish a sufficient level of trust between the negotiating partic...
Tatyana Ryutov, Li Zhou, B. Clifford Neuman, Noria