In this paper, we present a novel resource brokering service for grid systems which considers authorization policies of the grid nodes in the process of selecting the resources to be assigned to a request. We argue such an integration is needed to avoid scheduling requests onto resources the policies of which do not authorize their execution. Our service, implemented in Globus as a part of Monitoring and Discovery Service (MDS), is based on the concept of fine-grained access control (FGAC) which enables participating grid nodes to specify fine-grained policies concerning the conditions under which grid clients can access their resources. Since the process of evaluating authorization policies, in addition to checking the resource requirements, can be a potential bottleneck for a large scale grid, we also analyze the problem of the efficient evaluation of FGAC policies. In this context, we present GroupByRule, a novel method for policy organization and compare its performance with other strategies.
|Titolo:||Efficient integration of fine-grained access control and resource brokering in grid|
|Autori:||P., Mazzoleni; Crispo, Bruno; S., Sivasubramanian; E., Bertino|
|Titolo del periodico:||THE JOURNAL OF SUPERCOMPUTING|
|Anno di pubblicazione:||2009|
|Digital Object Identifier (DOI):||http://dx.doi.org/10.1007/s11227-008-0248-3|
|Appare nelle tipologie:||03.1 Articolo su rivista (Journal article)|