Abstract

In Grid-based collaborations, a number of data sharing services in Grid are established to provide a unified platform for dynamic discovery, access and replication of distributed data. Controlling access to Grid data in these services requires the ability to dynamically make authorisation decisions based on the data owners' policies and users' credentials across administrative domains. In this paper, we present a flexible policy-driven authorisation system, called RamarsAuthZ, for secure data sharing services in Grid systems. RamarsAuthZ adopts a flexible role-based approach with trust-aware feature to advocate originator control, delegation and dissemination control. A case study based on Globus data replication service (DRS) is presented to provide effective access control both at the service level and at the data level. Our system is flexible and interoperable with multiple Grid services with little reliance on static policy and attribute management.

Original languageEnglish (US)
Pages (from-to)215-233
Number of pages19
JournalInternational Journal of Information and Computer Security
Volume4
Issue number3
DOIs
StatePublished - May 2011

Keywords

  • Access control
  • Assured sharing
  • Grid systems
  • Security

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Assured resource sharing in Grid environments'. Together they form a unique fingerprint.

  • Cite this