TY - JOUR
T1 - Semantic-based authorization architecture for Grid
AU - Marin Perez, Juan M.
AU - Bernal Bernabe, Jorge
AU - Alcaraz Calero, Jose M.
AU - Garcia Clemente, Felix J.
AU - Martinez Perez, Gregorio
AU - Gomez Skarmeta, Antonio F.
PY - 2011/1/1
Y1 - 2011/1/1
N2 - There are a few issues that still need to be covered regarding security in the Grid area. One of them is authorization where there exist good solutions to define, manage and enforce authorization policies in Grid scenarios. However, these solutions usually do not provide Grid administrators with semantic-aware components closer to the particular Grid domain and easing different administration tasks such as conflict detection or resolution. This paper defines a proposal based on Semantic Web to define, manage and enforce security policies in a Grid scenario. These policies are defined by means of semantic-aware rules which help the administrator to create higher-level definitions with more expressiveness. These rules also permit performing added-value tasks such as conflict detection and resolution, which can be of interest in medium and large scale scenarios where different administrators define the authorization rules that should be followed before accessing a resource in the Grid. The proposed solution has been also tested providing some reasonable response times in the authorization decision process.
AB - There are a few issues that still need to be covered regarding security in the Grid area. One of them is authorization where there exist good solutions to define, manage and enforce authorization policies in Grid scenarios. However, these solutions usually do not provide Grid administrators with semantic-aware components closer to the particular Grid domain and easing different administration tasks such as conflict detection or resolution. This paper defines a proposal based on Semantic Web to define, manage and enforce security policies in a Grid scenario. These policies are defined by means of semantic-aware rules which help the administrator to create higher-level definitions with more expressiveness. These rules also permit performing added-value tasks such as conflict detection and resolution, which can be of interest in medium and large scale scenarios where different administrators define the authorization rules that should be followed before accessing a resource in the Grid. The proposed solution has been also tested providing some reasonable response times in the authorization decision process.
KW - Globus security
KW - Authorization
KW - Semantic web
KW - Policy conflict analysis
UR - https://www.sciencedirect.com/science/article/pii/S0167739X10001421?via%3Dihub
U2 - 10.1016/j.future.2010.07.008
DO - 10.1016/j.future.2010.07.008
M3 - Article
SN - 0167-739X
VL - 27
SP - 40
EP - 55
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
IS - 1
ER -