Our experience with deploying PRM on a wide scale has shown that administrators are more willing to grant access to their workstations if they can restrict access to only users or organizations they trust. Administrators should also be able to specify restrictions on the specific applications allowed to use their computing resources. We have therefore introduced restrictions specific to this type of policy. Some of theses restrictions follow:
a) name of application:
| Token Type: application_name | ||
| Defining Authority: local_manager | ||
| Value: matlab |
b) name of interpreter, in case the application is written in an interpreted
language:
| Token Type: interpreter_name | ||
| Defining Authority: local_manager | ||
| Value: Tcl |
c) platform the application runs on:
| Token Type: application_platform | ||
| Defining Authority: local_manager | ||
| Value: Solaris |
d) version number for the application:
| Token Type: application_version | ||
| Defining Authority: local_manager | ||
| Value: 1.0 |
e) endorser or certifying authority for the application:
| Token Type: application_endorser | ||
| Defining Authority: local_manager | ||
| Value: Globus |