An access control model for grid computing based on security information evaluation

Abstract

There are multiple administrative domains in a grid environment where each domain has a policy space of their own. Generally, a mobile process usually travels from one policy space to another. However, current grid security infrastructure lacks in support of mobile processes in grid environment. This paper presents a credit quantitative criterion for a mobile process, and realizes security information evaluation according to these quantitative criteria. Relevant algorithms are designed to decide whether a mobile process is allowed to perform an operation. By using the dynamical access control mechanism based on security information evaluation, the flexibility of mobile processes and availability of network security facilities are enhanced.