CROWN-ST: A Security and Trustworthiness Architecture for CROWN

CROWN is a service-oriented grid computing middleware enabling resources integration in multiple heterogeneous domains and establishing dynamic cooperative relationship among researchers nationwide and worldwide. However, several security challenges should be addressed in CROWN due to the heterogeneous distribution of resources and the dynamic collaborations and resource sharing. In this paper, we present a security and trustworthiness architecture, CROWN-ST, for CROWN. The aim of this architecture is to provide a fine-grained and extensible framework for security and trustworthiness that enables employing distributed access control and dynamic trust establishment among service providers and consumers in a Grid environment. Based on this open and flexible architecture, a series of fundamental services which consist of secure communication, authentication, access control, credential federation, trust management and negotiation are implemented. Finally, comprehensive experimental studies are conducted to demonstrate the feasibility and performance of current CROWN-ST implementation.