| | 1 | = ABAC access control for Fedd = |
| | 2 | |
| | 3 | The [http://www.isso.sparta.com/research_projects/security_infrastructure/abac_overview.html ABAC] access control system, developed at Stanford and realized by a group in Trusted Information Systems that later moved to SPARTA, is a formal, flexible, scalable access control system based on formal derivation of user attributes, attested by other trusted users. We have been [http://groups.geni.net/geni/wiki/TIEDABACModel planning] to integrate it into fedd for some time. We have recently implemented ABAC in a [http://abac.deterlab/net portable library] and this implementation has been integrated into fedd. Under our associated TIED project, we have completed a similar [http://groups.geni.net/geni/attachment/wiki/TIED/ABAC_GENIAPIv1.2.pdf integration] with GENI's [http://trac.gpolab.bbn.com/gcf reference aggregate manager], part of their developing [http://groups.geni.net/geni/wiki/GeniApi GENI API]. |
| | 4 | |
| | 5 | This page describes the use of ABAC with fedd, concentrating on using the transition tools to create initial ABAC credential stores from which to run fedd. In order to get the most from this page, you should be familiar with |
| | 6 | |
| | 7 | * [http://groups.geni.net/geni/wiki/TIEDABACModel The ABAC model] as it is used by DETER. |
| | 8 | * There is a [http://groups.geni.net/geni/wiki/TIEDABACDemo worked example] that can be helpful here |
| | 9 | * The existing [FeddDatabases fedd access databases] |
| | 10 | |
| | 11 | |
| | 12 | |
