Blair Dillaway

Learn More
Grid access control policy languages today are generally one of two extremes: either extremely simplistic, or overly complex and challenging for even security experts to use. In this paper, we explicitly identify requirements for an access control policy language for grid data and then consider six specific data access use-cases that have been problematic(More)
A central task in the context of logic-based decentralized authorization languages is that of gathering credentials from credential providers, required by the resource guard’s policy to grant a user’s access request. This paper presents an abduction-based algorithm that computes a specification of missing credentials without communicating(More)
The problem of authorization in large-scale decentralized systems has been addressed by a number of logic-based policy languages utilizing delegation of authority and distributed security credentials. A central task in this context is that of gathering a set of credentials for a given access request. Previous approaches have focused on methods in which(More)
Cycle-scavenging grids appeal to organizations with large numbers of workstations that remain idle outside of working hours as potential sources of grid computing cycles, but security and isolation issues that come with the use of non-dedicated resources have slowed their adoption in the enterprise. In this paper we present Cyclotron, a prototype(More)
The Security Policy Assertion Language (SecPAL) provides a flexible and robust declarative authorization language developed for large-scale Grid Computing Environments (GCEs). This specification describes the XML syntax and data encoding conventions required to support an implementation of SecPAL. By using or providing feedback on the SecPAL Specification(More)
This document defines the HPC Basic Profile, consisting of a set of non-proprietary specifications, along with clarifications, refinements, interpretations and amplifications of those specifications which promote interoperability. The single use-case addressed in this Profile is the " Base Case " (Section 2) of [HPC-U].