Abstract
Access control techniques designed for single domain infrastructures, where users are known by domain administrators, provide considerable liberty in the usage of resources. This paradigm is not suitable for highly scalable and decentralised systems such as Grids and service oriented architectures (SOA), where resources are shared between domains, and users come from remote domains. One approach is to provide policy-driven autonomic solutions that operate a continuous monitoring of the usage of resources by users. This paper presents the services and tools offered by the GridTrust Security Framework (GSF). GSF addresses three layers of the next generation of grid (NGG) architecture: the Grid application layer, the Grid service middleware layer, and the Grid foundation layer. The framework is composed of security and trust services and tools provided at the middleware and Grid foundation middleware layers. Various business case studies are being developed to validate the GridTrust results.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Alfieri, R., Cecchini, R., Ciaschini, V., dell Agnello, L., Frohner, A., Gianoli, A., Lorentey, K., Spataro, F.: VOMS: An Authorisation System for Virtual Organizations. In: Proceedings of 1st European Across Grid Conference (2003)
Alfresco Cluster in the Cloud, http://ihatecubicle.blogspot.com/2008/05/alfresco-cluster-in-compute-cloud.html
Aziz, B., Arenas, A., Martinelli, F., Matteucci, I., Mori, P.: Controlling Usage in Business Processes Workflows through Fine-Grained Security Policies. In: Furnell, S.M., Katsikas, S.K., Lioy, A. (eds.) TrustBus 2008. LNCS, vol. 5185. Springer, Heidelberg (2008)
Camarinha-Matos, L.M., Afsarmanesh, H.: Elements of a base VE infrastructure. Journal of Computers in Industry 51(2), 139–163 (2003), http://www.uninova.pt/~cam/ev/CiI.PDF
Foster, I., Kesselman, C., Nick, J., Tuecke, S.: Grid Services for Distributed System Integration. IEEE Computer 35(6), 37–46 (2002)
Gambardella, L.M., Taillard, E., Agazzi, G.: MACS-VRPTW: A Multiple Ant Colony System for Vehicle Routing Problems with Time Windows. In: Corne, D., Dorigo, M., Glover, F. (eds.) New Ideas in Optimization, pp. 63–76. McGraw-Hill, New York (1999)
Gounaris, A., Paton, N., Sakellariou, R., Fernandes, A., Smith, J., Watson, P.: Modular Adaptive Query Processing for Service-Based Grids CoreGRID Technical Report TR-0076 (March 2007)
Martinelli, F., Mori, P., Vaccarelli, A.: Towards Continuous Usage Control on Grid Computational Services. In: Proceedings of Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services (ICAS-ICNS 2005), p. 82. IEEE Computer Society, Los Alamitos (2005)
Martinelli, F., Mori, P., Vaccarelli, A.: Fine Grained Access Control for Computational Services. Technical Report Number TR-06/2006, Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche, Pisa (2006)
Martinelli, F., Mori, P.: A Model for Usage Control in GRID Systems. In: Proceedings of the First International Workshop on Security, Trust and Privacy in Grid Systems (GRID-STP 2007) (2007)
Pearlman, L., Kesselman, C., Welch, V., Foster, I., Tuecke, S.: The Community Authorization Service: Status and Future. In: Proceedings of Computing in High Energy and Nuclear Physics (CHEP 2003) (2003)
Sandhu, R., Park, J.: The UCONABC usage control model. ACM Transactions on Information and System Security 7(1), 128–174 (2004)
Zhang, X., Nakae, M., Covington, M.J., Sandhu, R.: A usage-based authorization framework for collaborative computing systems. In: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies. SACMAT 2006, Lake Tahoe, California, USA, June 07 - 09, 2006, pp. 180–189. ACM, New York (2006)
Stell, A.J., Sinnott, R.O., Watt, J.P.: Comparison of Advanced Authorisation Infrastructures for Grid Computing. In: Proceedings of High Performance Computing System and Applications, HPCS 2005, pp. 195–201 (2005)
Thompson, M.R., Essiari, A., Keahey, K., Welch, V., Lang, S., Liu, B.: Fine-Grained Authorization for job and resource management using Akenti and the Globus toolkit. In: Proceedings of Computing in High Energy and Nuclear Physics (CHEP 2003) (2003)
van weerde, L.: Requirements Engineering in the Year 2000: A Research Perspective. In: Proceedings of the 22nd International Conference on Software Engineering, Limerick, Ireland, pp. 5–19. ACM, New York (2000), http://www.sis.uncc.edu/~seoklee/teaching/Papers/lamsweerde00requirements.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Naqvi, S. et al. (2008). Fine-Grained Continuous Usage Control of Service Based Grids – The GridTrust Approach. In: Mähönen, P., Pohl, K., Priol, T. (eds) Towards a Service-Based Internet. ServiceWave 2008. Lecture Notes in Computer Science, vol 5377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89897-9_21
Download citation
DOI: https://doi.org/10.1007/978-3-540-89897-9_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89896-2
Online ISBN: 978-3-540-89897-9
eBook Packages: Computer ScienceComputer Science (R0)