The Community Authorization Service: Status and Future
L. Pearlman, V. Welch, I. Foster, C. Kesselman, S. Tuecke
TL;DR
The paper discusses the Community Authorization Service (CAS), a system enabling virtual organizations to manage and enforce consistent policies across multiple resource domains with varying capabilities.
Contribution
It introduces CAS as a solution for policy delegation and control in virtual organizations, detailing its implementation and future research directions.
Findings
CAS allows resource providers to delegate policy authority.
Implementations of CAS demonstrate its practical viability.
Future research plans aim to enhance CAS capabilities.
Abstract
Virtual organizations (VOs) are communities of resource providers and users distributed over multiple policy domains. These VOs often wish to define and enforce consistent policies in addition to the policies of their underlying domains. This is challenging, not only because of the problems in distributing the policy to the domains, but also because of the fact that those domains may each have different capabilities for enforcing the policy. The Community Authorization Service (CAS) solves this problem by allowing resource providers to delegate some policy authority to the VO while maintaining ultimate control over their resources. In this paper we describe CAS and our past and current implementations of CAS, and we discuss our plans for CAS-related research.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCloud Computing and Resource Management · Access Control and Trust · Distributed and Parallel Computing Systems