Flexible Authorization with Decentralized Access Control Model for Grid Computing

Author

Zhang, Xinwen ; Li, Qi ; Seifert, Jean-Pierre ; Xu, Mingwei

Author_Institution

Samsung Inf. Syst. America, San Jose

fYear

2007

fDate

14-16 Nov. 2007

Firstpage

156

Lastpage

165

Abstract

With the increasing complexity of dynamic and collaborative computing environments in grid, security management has become a critical factor. Although several approaches have been proposed, fully decentralized and efficient authorization management is still a challenging problem. We propose an access control scheme based on a group-based RBAC model for grid computing environments. By separating the administrations of users by VO level policies and permissions by resource or service provider policies, our scheme provides decentralized, autonomous, and fine-grained security management which fits the dynamic environment of grids, and can support ad-hoc collaborations. We implement a proof-of-concept prototype system by enhancing the access control module in grid file system (GFS) and specifying different levels of policies with XACML.

Keywords

authorisation; grid computing; groupware; virtual enterprises; ad-hoc collaborations; authorization management; collaborative computing environments; decentralized access control model; fine-grained security management; flexible authorization; grid computing; grid file system; group-based RBAC model; proof-of-concept prototype system; security management; service provider policies; virtual organizations; Access control; Authorization; Collaboration; Environmental management; File systems; Grid computing; Permission; Prototypes; Resource management; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

High Assurance Systems Engineering Symposium, 2007. HASE '07. 10th IEEE

Conference_Location

Plano, TX

ISSN

1530-2059

Print_ISBN

978-0-7695-3043-7

Type

conf

DOI

10.1109/HASE.2007.29

Filename

4404738