Title :
Flexible Authorization with Decentralized Access Control Model for Grid Computing
Author :
Zhang, Xinwen ; Li, Qi ; Seifert, Jean-Pierre ; Xu, Mingwei
Author_Institution :
Samsung Inf. Syst. America, San Jose
Abstract :
With the increasing complexity of dynamic and collaborative computing environments in grid, security management has become a critical factor. Although several approaches have been proposed, fully decentralized and efficient authorization management is still a challenging problem. We propose an access control scheme based on a group-based RBAC model for grid computing environments. By separating the administrations of users by VO level policies and permissions by resource or service provider policies, our scheme provides decentralized, autonomous, and fine-grained security management which fits the dynamic environment of grids, and can support ad-hoc collaborations. We implement a proof-of-concept prototype system by enhancing the access control module in grid file system (GFS) and specifying different levels of policies with XACML.
Keywords :
authorisation; grid computing; groupware; virtual enterprises; ad-hoc collaborations; authorization management; collaborative computing environments; decentralized access control model; fine-grained security management; flexible authorization; grid computing; grid file system; group-based RBAC model; proof-of-concept prototype system; security management; service provider policies; virtual organizations; Access control; Authorization; Collaboration; Environmental management; File systems; Grid computing; Permission; Prototypes; Resource management; Security;
Conference_Titel :
High Assurance Systems Engineering Symposium, 2007. HASE '07. 10th IEEE
Conference_Location :
Plano, TX
Print_ISBN :
978-0-7695-3043-7
DOI :
10.1109/HASE.2007.29
