School of Computing

An Authorisation Interface for the GRID

D. W. Chadwick

In E-Science All Hands Meeting 2003, Nottingham, pages 182-196, September 2003.


The provision of one or more separate authorisation infrastructures, comparable to the existing Grid authentication infrastructure, is desirable, since it will allow Grid applications to plug and play different authorisation infrastructures in order to choose the best one for their needs. The first half of this paper describes the features that are needed from this interface. Whilst it is possible to standardise every conceivable feature of this interface, it is not practical in the short term, since no existing authorisation infrastructure could easily comply with it, nor are we yet sure of the full set of requirements. Rather, this paper presents the basic minimum set of features that are needed to provide an initial plug and play functionality. Other features, such as a management interface, may be standardised in the future, whilst yet other features may continue to be met in an implementation specific manner.

The second half of this paper provides a brief introduction to the Security Assertions Markup Language (SAML) and says how each of the initial authorisation interface requirements can be met by either the basic SAMLv1.0 specification or by extensions to it. The paper concludes by anticipating the future standardisation effort that will be needed to completely specify an authorisation interface for the Grid.

Download publication 41 kbytes (PDF)

Bibtex Record

author = {D. W. Chadwick},
title = {{A}n {A}uthorisation {I}nterface for the {GRID}},
month = {September},
year = {2003},
pages = {182-196},
keywords = {determinacy analysis, Craig interpolants},
note = {},
doi = {},
url = {},
    publication_type = {inproceedings},
    booktitle = {E-Science All Hands Meeting 2003, Nottingham},

School of Computing, University of Kent, Canterbury, Kent, CT2 7NF

Enquiries: +44 (0)1227 824180 or contact us.

Last Updated: 21/03/2014