Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP

hp.com home

Technical Reports

printable version

HP Labs

» Research
» News and events
» Technical reports
» About HP Labs
» Careers @ HP Labs
» People
» Worldwide sites
» Downloads
Content starts here

Click here for full text: PDF

Security Infrastructure for A Web Service Based Resource Management System

Yan, Yong; Goss, Michael; Kumar, Raj


Keyword(s): symmetric key cryptography; authentication; access Control; integrity checking; Kerberos; global resource management; grid computing

Abstract: A global resource management system intents to aggregate all kinds of heterogeneous resources that are geographically distributed so that a uniform resource programming interface can be provided to applications. The emerging web service model with single SOAP-based RPC interface provides a good way to uniformly abstract underlying resources and hide the heterogeneity of resources. In a web service mode based resource management system, the security infrastructure is a paramount component. In this paper, we have designed and implemented a security infrastructure for a Web service model based global resource management system. In order to provide a secure shell around the global resource management system while keeping a simple Web access interface to the system, a Kerberos-like authentication system is built from the modification to the Kerberos model with a new set of authentication protocols while keeping the basic security mechanisms of the Kerberos. Our security infrastructure enforces Kerberos-like strong authentication and role-based access control. By encapsulating principals-to roles assignment into the service ticket, our system first seamlessly combines the Kerberos-like authentication with the role-based access control model. With the help of two security mechanisms: passport and service guard, transparent enforcement in the Web service messaging engine and the separate of security policy and security engine have been achieved so that our system can be easily extended and enhanced.

14 Pages

Back to Index

»Technical Reports

» 2009
» 2008
» 2007
» 2006
» 2005
» 2004
» 2003
» 2002
» 2001
» 2000
» 1990 - 1999

Heritage Technical Reports

» Compaq & DEC Technical Reports
» Tandem Technical Reports
Privacy statement Using this site means you accept its terms Feedback to HP Labs
© 2009 Hewlett-Packard Development Company, L.P.