Using SAML-Based VOMS for Authorization within Web Services-Based UNICORE Grids

Abstract

In recent years, the Virtual Organization Membership Service (VOMS) emerged within Grid infrastructures providing dynamic, fine-grained, access control needed to enable resource sharing across Virtual Organization (VOs). VOMS allows to manage authorization information in a VO scope to enforce agreements established between VOs and resource owners. VOMS is used for authorization in the EGEE and OSG infrastructures and is a core component of the respective middleware stacks gLite and VDT. While a module for supporting VOMS is also available as part of the authorization service of the Globus Toolkit, there is currently no support for VO-level authorization within the new Web services-based UNICORE 6. This paper describes the evolution of VOMS towards an open standard compliant service based on the Security Assertion Markup Language (SAML), which in turn provides mechanisms to fill the VO-level authorization service gap within Web service-based UNICORE Grids. In addition, the SAML-based VOMS allows for cross middleware VO management through open standards.

DOI: 10.1007/978-3-540-78474-6_15
View Slides

Extracted Key Phrases

Cite this paper

@inproceedings{Venturi2007UsingSV, title={Using SAML-Based VOMS for Authorization within Web Services-Based UNICORE Grids}, author={Valerio Venturi and Morris Riedel and Ahmed Shiraz Memon and M. Shahbaz Memon and Federico Stagni and Bernd Schuller and Daniel Mallmann and Bastian Tweddell and Alberto Gianoli and Sven van den Berghe and David F. Snelling and Achim Streit}, booktitle={Euro-Par Workshops}, year={2007} }