分布式存储系统的数据访问授权

The 6th IEEE/ACM International Workshop on Grid Computing, 2005. Pub Date : 2005-11-13 DOI:10.1109/GRID.2005.1542739

D. Feichtinger, A. Peters

{"title":"分布式存储系统的数据访问授权","authors":"D. Feichtinger, A. Peters","doi":"10.1109/GRID.2005.1542739","DOIUrl":null,"url":null,"abstract":"This paper describes an efficient method for access authorization in distributed (grid) storage systems. Client applications obtain \"access tokens\" from an organization's file catalogue upon execution of a file name resolution request. Whenever a client application tries to access the requested files, the token is transparently passed to the target storage system. Thus the storage service can decide on the authorization of a request without itself having to contact the authorization service. The token is protected from access and modification by external parties using public key infrastructure. A prototype using the AliEn grid file catalogue and xrootd as a data server has been implemented. A detailed description of the prototype implementation is presented.","PeriodicalId":347929,"journal":{"name":"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":"{\"title\":\"Authorization of data access in distributed storage systems\",\"authors\":\"D. Feichtinger, A. Peters\",\"doi\":\"10.1109/GRID.2005.1542739\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes an efficient method for access authorization in distributed (grid) storage systems. Client applications obtain \\\"access tokens\\\" from an organization's file catalogue upon execution of a file name resolution request. Whenever a client application tries to access the requested files, the token is transparently passed to the target storage system. Thus the storage service can decide on the authorization of a request without itself having to contact the authorization service. The token is protected from access and modification by external parties using public key infrastructure. A prototype using the AliEn grid file catalogue and xrootd as a data server has been implemented. A detailed description of the prototype implementation is presented.\",\"PeriodicalId\":347929,\"journal\":{\"name\":\"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-11-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"20\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/GRID.2005.1542739\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/GRID.2005.1542739","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 20

摘要

本文提出了一种分布式(网格)存储系统中访问授权的有效方法。客户端应用程序在执行文件名解析请求时从组织的文件目录获得“访问令牌”。每当客户端应用程序尝试访问所请求的文件时，令牌就会透明地传递给目标存储系统。因此，存储服务可以决定请求的授权，而不必自己联系授权服务。令牌可以防止外部各方使用公钥基础设施访问和修改。已经实现了一个使用AliEn网格文件目录和xrootd作为数据服务器的原型。给出了原型实现的详细描述。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Authorization of data access in distributed storage systems

This paper describes an efficient method for access authorization in distributed (grid) storage systems. Client applications obtain "access tokens" from an organization's file catalogue upon execution of a file name resolution request. Whenever a client application tries to access the requested files, the token is transparently passed to the target storage system. Thus the storage service can decide on the authorization of a request without itself having to contact the authorization service. The token is protected from access and modification by external parties using public key infrastructure. A prototype using the AliEn grid file catalogue and xrootd as a data server has been implemented. A detailed description of the prototype implementation is presented.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The 6th IEEE/ACM International Workshop on Grid Computing, 2005.

自引率

0.00%

发文量

期刊最新文献

Generic application description model: toward automatic deployment of applications on computational grids Web services and grid security vulnerabilities and threats analysis and model A semantic datagrid for combinatorial chemistry Auto-adaptive distributed hash tables Ad hoc grid security infrastructure