Towards Secure Information Sharing and Management in Grid Environments

Abstract

The introduction of service-oriented paradigm in grid and corresponding Web services standards has recently demanded the evolution of access control solutions to support finegrained authorization requirements and dynamic natures derived from grid environments. In this paper, we present a role-based authorization infrastructure for data sharing and management services in grid. Our infrastructure advocates a dynamic and flexible resource-centric authorization approach with features of distributed role-based access control and systematic delegation of administrative authority. The infrastructure seamlessly integrates the existing XACML-based policy framework and authorization services in the RAMARS framework. We discuss our proof-of-concept prototype system that supports Web services and SAML based authorization assertions. We also describe how the framework can be deployed in being compatible with an open grid service architecture