DPMF: A policy management framework for heterogeneous authorization systems in grid environments

Authors:
Chiu-Man Yu;Kam-Wing Ng
Affiliations:
Department of Computer Science and Engineering, The Chinese University of Hong Kong, Shatin, New Territories, Hong Kong, China;(Correspd. Tel.: +852 26098417/ Fax: +852 26035024/ E-mail: kwng@cse.cuhk.edu.hk) Department of Computer Science and Engineering, The Chinese University of Hong Kong, Shatin, New Territories, Hong ...
Venue:
Multiagent and Grid Systems - Content management and delivery through P2P-based content networks
Year:
2009

Citing 15
Cited 1

Configuring role-based access control to enforce mandatory and discretionary access control policies

ACM Transactions on Information and System Security (TISSEC)
A Policy Service for GRID Computing

GRID '02 Proceedings of the Third International Workshop on Grid Computing
Security for Grid Services

HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments

GRID '03 Proceedings of the 4th International Workshop on Grid Computing
Cassandra: Distributed Access Control Policies with Tunable Expressiveness

POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Access-Control Language for Multidomain Environments

IEEE Internet Computing
Abstract interdomain security assertions: a basis for extra-grid virtual organizations

IBM Systems Journal
The GridSite Web-Grid security system: Research Articles

Software—Practice & Experience - Grid Security
A Multipolicy Authorization Framework for Grid Security

NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
An approach to evaluate policy similarity

Proceedings of the 12th ACM symposium on Access control models and technologies
GCM: a grid configuration manager for heterogeneous grid environments

International Journal of Grid and Utility Computing
RB-GACA: an RBAC based grid access control architecture

International Journal of Grid and Utility Computing
A mechanism to make authorization decisions in open distributed environments without complete policy information

ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part IV
Dynamic policy management framework for partial policy information

EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Ontology issue in multi-agent distributed learning

AIS-ADM 2005 Proceedings of the 2005 international conference on Autonomous Intelligent Systems: agents and Data Mining

Trust management of services in cloud environments: Obstacles and solutions

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.01

Visualization

Abstract

In order to enable an open Grid environment to support organized resource sharing between multiple heterogeneous Virtual Organizations (VOs), we need to tackle the challenges of dynamic membership of VOs and trust relationships between the VOs. We propose a Dynamic Policy Management Framework (DPMF), a Conflict Analysis with Partial Information (CAPI) mechanism, and a heterogeneous authorization policy management mechanism to resolve the problems. DPMF groups VOs deploying the same model of authorization systems together to form a virtual cluster. Policy management is divided into inter-cluster heterogeneous policy management, and intra-cluster homogeneous policy management. The CAPI mechanism is developed to provide an approach of policy conflict analysis in open environments without complete policy information. The main idea of CAPI is to generate substitution policies to replace the unknown policy information. The heterogeneous policy management mechanism deals with authorization between VOs of heterogeneous authorization systems.