SOGA: Fine-Grained Authorization for Self-Organizing Grid

  • Ming Guo
  • Yong Zhu
  • Yuheng Hu
  • Weishuai Yang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4537)

Abstract

The potential of truly large-scale Grids can only be realized with Grid architectures and deployment strategies that lower the need for human administrative intervention, and therefore open the Grid to wider participation from resources and users. Self-Organizing Grids (SOGs) were proposed to address this issue. Current general solutions for Grid authorization are not scalable enough, inflexible, inefficient, coarse-grained, or require too much administrative work, and thus do not fit the needs of SOGs. The emerging Semantic Web can contribute to a solution. In this paper, we propose SOGA, a fine-grained authorization architecture for the SOG environment. Its characteristics include policy-based authorization, fine-grained access control, dynamic environment monitoring, and ontology-driven access rights reasoning.



Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Ming Guo (1)
  • Yong Zhu (1)
  • Yuheng Hu (1)
  • Weishuai Yang (2)

  1. Department of Computer Science, Zhejiang University, City College
  2. Department of Computer Science, Binghamton University
