Grid authorization graph
Grid authorization graph
No Thumbnail Available
Date
2013-06-11
Authors
Kaiiali, Mustafa
Wankar, Rajeev
Rao, C. R.
Agarwal, Arun
Buyya, Rajkumar
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The heterogeneous and dynamic nature of a grid environment demands a scalable authorization system. This brings out the need for a fast fine-grained access control mechanism for authorizing grid resources. Existing grid authorization systems adopt inefficient mechanisms for storing resources' security policies. This leads to a large number of repetitions in checking security rules. One of the efficient mechanisms that handle these repetitions is the Hierarchical Clustering Mechanism (HCM). HCM reduces the redundancy in checking security rules compared to the Brute Force Approach (BFA) as well as the Primitive Clustering Mechanism (PCM). Further enhancement is done to HCM to increase the scalability of the authorization process. However, HCM is not totally free of repetitions and cannot easily describe the OR-based security policies. A novel Grid Authorization Graph (GAG) is proposed to overcome HCM limitations. GAG introduces special types of edges named "Correspondence Edge"/"Discrepancy Edge" which can be used to entirely eliminate the redundancy and handle the cases where a set of security rules are mutually exclusive. Comparative studies are made in a simulated environment using the Grid Authorization Simulator (GAS) developed by the authors. It simulates the authorization process of the existing mechanisms like BFA, PCM, HCM and the proposed novel GAG. It also enables a comparative analysis to be done between these approaches. © 2013 Elsevier B.V. All rights reserved.
Description
Keywords
Access control,
Grid authorization,
Grid Authorization Graph,
Grid computing,
Hierarchical Clustering Mechanism
Citation
Future Generation Computer Systems. v.29(8)