학술논문
Authorization of data access in distributed storage systems
Document Type
Conference
Author
Source
The 6th IEEE/ACM International Workshop on Grid Computing, 2005. Grid Computing Grid Computing, 2005. The 6th IEEE/ACM International Workshop on. :7 pp. 2005
Subject
Language
ISSN
2152-1085
2152-1093
2152-1093
Abstract
This paper describes an efficient method for access authorization in distributed (grid) storage systems. Client applications obtain "access tokens" from an organization's file catalogue upon execution of a file name resolution request. Whenever a client application tries to access the requested files, the token is transparently passed to the target storage system. Thus the storage service can decide on the authorization of a request without itself having to contact the authorization service. The token is protected from access and modification by external parties using public key infrastructure. A prototype using the AliEn grid file catalogue and xrootd as a data server has been implemented. A detailed description of the prototype implementation is presented.