Dynamic Role and Context-Based Access Control for Grid Applications

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations." The heterogeneous, dynamic and multi-domain nature of these environments introduces challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Amongst them are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. In this paper, we present an access control scheme that resolve these issues, and propose a dynamic role and context-based access control (RCBAC) framework which extends the RBAC with context constraints. The RCBAC mechanisms dynamically grant and adapt permissions to users based on a set of contextual information collected from the system and user\´s environments, while retaining the advantages of RBAC model. We also describe the implementation architecture of RCBAC for the grid application.