A cross - Domain role mapping and authorization framework for RBAC in grid systems

Abstract

Highly computational resource sharing environments like grids pose major security issues. Secure interoperability has been a growing concern for such multi domain computing systems. Collaboration in such a diverse environment requires integration of all local policies to compose a global access control policy for controlling information and resource. Access control in such an environment is still an open problem. The much standardized Role Based Access Control (RBAC) is yet to be fully utilized in a multi domain grid environment like the Grids. Here, we present an architectural framework for adaptation and implementation of RBAC for grid access control. Our approach includes solutions for delegation and revocation in a single domain grid enterprise. The classical Role Based Access Control, though an effective access control standard, does not address the issue of resolving a local role into a global role. So, we also propose an architecture based on RBAC, which can establish role equivalence among the domains by mapping a local domain role to its equivalent global role. We use the approach of weighted ranking for the same. The final authorization decision is made based on the mapped global role ranking and also the resource access policies. © 2009 Technomathematics Research Foundation.