Authors: Marilyn Lim Chien Hui, Nabil Elmarzouqi, Chan Huah Yong

Abstract:

This paper describes the authorization system architecture for Pervasive Grid environment. It discusses the characteristics of classical authorization system and requirements of the authorization system in pervasive grid environment as well. Based on our analysis of current systems and taking into account the main requirements of such pervasive environment, we propose new authorization system architecture as an extension of the existing grid authorization mechanisms. This architecture not only supports user attributes but also context attributes which act as a key concept for context-awareness thought. The architecture allows authorization of users dynamically when there are changes in the pervasive grid environment. For this, we opt for hybrid authorization method that integrates push and pull mechanisms to combine the existing grid authorization attributes with dynamic context assertions. We will investigate the proposed architecture using a real testing environment that includes heterogeneous pervasive grid infrastructures mapped over multiple virtual organizations. Various scenarios are described in the last section of the article to strengthen the proposed mechanism with different facilities for the authorization procedure.

Keywords: Pervasive Grid, Authorization System, Contextawareness, Ubiquity.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1081373

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2115

References:

[1] Ian Foster , Carl Kesselman , Steven Tuecke, The Anatomy of the Grid: Enabling Scalable Virtual Organizations, International Journal of High Performance Computing Applications, v.15 n.3, p.200-222, August 2001
[2] J. Chin, N. Zhang, A. Nenadic, and O. Bamasak, "A context-constrained authorisation (cocoa) framework for pervasive grid computing," Wireless Networks.
[Online]. Available: http://dx.doi.org/10.1007/s11276-008-0135-0
[3] "Pervasive Grids: Challenges and Opportunities," M. Parashar and J-M Pierson, "Handbook of Research on Scalable Computing Technologies," Editors: K Li, C Hsu, Laurence T Yang, J. Dongarra and H Zima, Information Science Reference, IGI Global, ISBN: 978-1-60566-661-7, 2009.
[4] Chakrabarti, A., "Grid Authorization System", In Grid Computing Security. Chapter 5. Springer-Verlag, 2007.
[5] Robert G. Carter. "Authentication vs. Authorization". Kerberos: What, Why, How? 29 May 2010. http://www.duke.edu/~rob/kerberos/authvauth.html
[6] Andrew S. Tanenbaum, Maarten Van Steen, Distributed Systems: Principles and Paradigms, Prentice Hall PTR, Upper Saddle River, NJ, 2001 ISBN: 978-0-13088-893-8, 2002.
[7] R. Alfieri, R. Cecchini, V. Ciaschini, L. dell- Agnello, A. Frohner, et. al., "VOMS, an Authorization System for Virtual Organizations". In Proceedings of the 1st European Across Grids Conference - Santiago de Compostela, Spain, 13-14 February 2003, 2003.
[8] Markus Lorch, Bob Cowles, Rich Baker, Leon Gommans, Paul Madsen, Andrew McNab, Lavanya Ramakrishnan, Krishna Sankar, Dane Skow, Mary R. Thompson, "Conceptual Grid Authorization Framework and Classification". In Authrization Frameworks and Mechanisms - WG,2004.
[9] "Pervasive Grids: Challenges and Opportunities," M. Parashar and J-M Pierson, "Handbook of Research on Scalable Computing Technologies," Editors: K Li, C Hsu, Laurence T Yang, J. Dongarra and H Zima, Information Science Reference, IGI Global, ISBN: 978-1-60566-661-7, 2009.
[10] Hung-Min Sun, King-Hang Wang, Pa Saffiong Kebbeh, "Distributed Authorization and Authentication Framework for a Grid Infrastructure", 2007.
[11] LIU Shengjian, "A study on the Mechanisms of Policy-based Grid Authorization", In 2009 International Conference on multimedia Information Networking and Security, 2009
[12] D.W. Chadwick ad A. Otenko. "The PERMIS X.509 Role Based Privilege Management Infrastructure". In Proc. Of 7th ACM Symposium On Access Control Models And Technologies, 2002.
[13] Vassiliki KOUFI and George VASSILACOPOULOS, "Context-Aware Access Control for Pervasive Access to Process-based Healthcare Systems". In eealth the Horizon -Get IT There S.K. Andersen et al. (Eds.) IOS Press,2008.
[14] Vassiliki KOUFI and George VASSILACOPOULOS, "Context-Aware Access Control for Pervasive Access to Process-based Healthcare Systems". In eealth the Horizon -Get IT There S.K. Andersen et al. (Eds.) IOS Press,2008.