Open Social and XACML Based Group Authorization Framework

In a data-driven Science Collaborative Framework, access authorization is a vital component to facilitate the management of the collective data and computing resources shared by researchers from geographically distributed locations. But traditional virtual organization based access control frameworks are not suitable for self-organizing, ad-hoc and opportunistic scientific collaborations, in which scientists can easily set up group-oriented authorization rules across the administrative domains to share their resources by flexible and effective access control. Using the emerging OAuth2.0 protocol and XACML framework, this paper introduces a novel Open Social based access control framework to support ad-hoc team formation and user-controlled resource sharing. To verify the effectiveness of our authorization framework, we develop a infant birth-defect data and data mining resource-sharing application. Our experiences demonstrate that the proposed framework is a very promising approach to resource sharing in cross-domain network environments.