Abstract
Grid computing is a system that coordinates distributed resources using standards, open, general purpose protocols and interfaces to provide nontrivial quality of services. Usage Control model (UCON) is a new emerging authorization framework that combined features of traditional access control, trust management and digital right management in one abstraction. Adoption of UCON improved the fine-grain of grid authorization policy. The major problem of the UCON based authorization is the finer-grain the authorization, the higher overhead will be impacted to the system. This is because fine-grained authorization required very complex policies to define rules accurately. To evaluate complex policies is very time consuming as the system needs to check rules by rules in each policy for each resource in order to produce the access result, resulting in lower authorization performance. This limitation is crucial for large collaborative environment like grid where user and resource keep increasing year by year. Therefore, a mechanism to reduce the number of checking during authorization process is needed. In this study we propose a mechanism to reduce the number of rules checking by eliminating irrelevant set of rules. The irrelevant rules are determined by the dependency of rules model. Our simulation result shows that our technique able to further reduce the number of rules checking in grid authorization system compared to previous method. The checking process also can be skipped for certain rules using our method.
Highlights
Grid computing aimed to enable resource sharing for large project collaborations to solve one big problem. Foster and Kesselman (2004) defined a grid as a system that coordinates distributed resources using standards, open, general purpose protocols and interfaces to provide nontrivial quality of services
Our simulation result shows that our technique able to further reduce the number of rules checking in grid authorization system compared to previous method
Performance and heterogeneity are the objectives for any distributed system, the nature of Virtual Organization (VO) in grid demands a fine-grained authorization system to manage the usage of resource (Keahey et al, 2003)
Summary
Grid computing aimed to enable resource sharing for large project collaborations to solve one big problem. Foster and Kesselman (2004) defined a grid as a system that coordinates distributed resources using standards, open, general purpose protocols and interfaces to provide nontrivial quality of services. Some of the requirements mentioned in (Foster et al, 2001; Welch et al, 2003; Foster and Kesselman, 2004; Humphrey et al, 2005) included naming and authentication, authorization, privacy, trust, intrusion detection, security policy exchange and enforcement To address those requirements, various grid security solutions have been proposed. To evaluate complex security policies is very time consuming as the system needs to check rules by rules in each policy for each resource in order to produce the access result, resulting in lower authorization performance. This limitation is crucial for large collaborative environment like grid where user and resource keep increasing year by year.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
