UCGS: A Usage Control Approach for Grid Services

2007 International Conference on Computational Intelligence and Security Workshops (CISW 2007) Pub Date : 2007-12-15 DOI:10.1109/CIS.WORKSHOPS.2007.198

Yiduo Mei, Xiaoshe Dong, Weiguo Wu, Shangyuan Guan, Jing Xu

{"title":"UCGS: A Usage Control Approach for Grid Services","authors":"Yiduo Mei, Xiaoshe Dong, Weiguo Wu, Shangyuan Guan, Jing Xu","doi":"10.1109/CIS.WORKSHOPS.2007.198","DOIUrl":null,"url":null,"abstract":"The dynamic and multi-institutional nature of the grid environments introduces challenging security issues that demand new technical approaches. But traditional access control models consider static authorization decisions based on subjects'pre-assigned permissions on target objects and focus on a closed system, therefore, they are not suitable for the dynamic grid environments. To address the above problems, we propose UCGS, a novel usage control approach for grid services. Our approach is inspired by the usage control model (UCON). UCGS improves the security of the grid services by employing a continuous usage control of the grid services, monitoring the behavior of the subjects. It enables richer and finer-grained control over authorization and usage of grid services and resources than that of traditional access control models. \"Blacklist\", \"unilateral contract\" and \"arbitrator\" are introduced in UCGS to guarantee that a subject can not deny its obligations after service is complete, which contributes to maintain the normal order of the grid environments and the security and interests of the service providers.","PeriodicalId":409737,"journal":{"name":"2007 International Conference on Computational Intelligence and Security Workshops (CISW 2007)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Conference on Computational Intelligence and Security Workshops (CISW 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.WORKSHOPS.2007.198","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

The dynamic and multi-institutional nature of the grid environments introduces challenging security issues that demand new technical approaches. But traditional access control models consider static authorization decisions based on subjects'pre-assigned permissions on target objects and focus on a closed system, therefore, they are not suitable for the dynamic grid environments. To address the above problems, we propose UCGS, a novel usage control approach for grid services. Our approach is inspired by the usage control model (UCON). UCGS improves the security of the grid services by employing a continuous usage control of the grid services, monitoring the behavior of the subjects. It enables richer and finer-grained control over authorization and usage of grid services and resources than that of traditional access control models. "Blacklist", "unilateral contract" and "arbitrator" are introduced in UCGS to guarantee that a subject can not deny its obligations after service is complete, which contributes to maintain the normal order of the grid environments and the security and interests of the service providers.

查看原文本刊更多论文

UCGS:网格服务的使用控制方法

网格环境的动态性和多机构性引入了具有挑战性的安全问题，需要新的技术方法。但是传统的访问控制模型考虑的是基于主体对目标对象预先分配的权限的静态授权决策，并且关注的是一个封闭的系统，因此不适合动态网格环境。为了解决上述问题，我们提出了一种新的网格服务使用控制方法UCGS。我们的方法受到使用控制模型(UCON)的启发。UCGS通过对网格服务的连续使用控制，监控主体的行为，提高了网格服务的安全性。与传统的访问控制模型相比，它支持对网格服务和资源的授权和使用进行更丰富、更细粒度的控制。UCGS中引入了“黑名单”、“单方合同”和“仲裁员”等制度，以保证服务完成后主体不能否认其义务，有利于维护电网环境的正常秩序和服务提供者的安全和利益。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2007 International Conference on Computational Intelligence and Security Workshops (CISW 2007)

自引率

0.00%

发文量