Issues in the Globus Security Model
Credential. A credential is a piece of information that is used to prove the identity of a subject. Examples of a credential include passwords and private keys. We distinguish between credentials that are introduced by Globus, Globus credential, and credentials that are used only on a specific resource, resource credential,
Subject. Authorization is the process by which we determine if a subject is allowed to access or use and object. In Globus, a subject is generally a user, or a process operating on behalf of a user.
- A Globus subject is a subject that is recognized by components in the Globus system.
- A resource subject is a subject that is only recognized by a specific resource.
Trust. We say that A trusts B if A assumes that any information sighed by B is believed by B to be "correct".
Trust Domain. A trust domain is an administrative structure within which local security policy holds. For example, authentication may not be required between subjects within a trust domain.