Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
A Policy Service for GRID Computing
GRID '02 Proceedings of the Third International Workshop on Grid Computing
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Access-Control Language for Multidomain Environments
IEEE Internet Computing
The GridSite Web-Grid security system: Research Articles
Software—Practice & Experience - Grid Security
A Multipolicy Authorization Framework for Grid Security
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
An approach to evaluate policy similarity
Proceedings of the 12th ACM symposium on Access control models and technologies
GCM: a grid configuration manager for heterogeneous grid environments
International Journal of Grid and Utility Computing
RB-GACA: an RBAC based grid access control architecture
International Journal of Grid and Utility Computing
ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part IV
Dynamic policy management framework for partial policy information
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Ontology issue in multi-agent distributed learning
AIS-ADM 2005 Proceedings of the 2005 international conference on Autonomous Intelligent Systems: agents and Data Mining
Trust management of services in cloud environments: Obstacles and solutions
ACM Computing Surveys (CSUR)
Hi-index | 0.01 |
In order to enable an open Grid environment to support organized resource sharing between multiple heterogeneous Virtual Organizations (VOs), we need to tackle the challenges of dynamic membership of VOs and trust relationships between the VOs. We propose a Dynamic Policy Management Framework (DPMF), a Conflict Analysis with Partial Information (CAPI) mechanism, and a heterogeneous authorization policy management mechanism to resolve the problems. DPMF groups VOs deploying the same model of authorization systems together to form a virtual cluster. Policy management is divided into inter-cluster heterogeneous policy management, and intra-cluster homogeneous policy management. The CAPI mechanism is developed to provide an approach of policy conflict analysis in open environments without complete policy information. The main idea of CAPI is to generate substitution policies to replace the unknown policy information. The heterogeneous policy management mechanism deals with authorization between VOs of heterogeneous authorization systems.