Dynamically Authorized Role-Based Access Control for Grid Applications

• Published in: Geo-spatial information science Vol. 9; no. 3; pp. 223 - 228
• Main Authors: Hanbing, Yao, Heping, Hu, Zhengding, Lu, Ruixuan, Li
• Format: Journal Article
• Language: English
• Published: Taylor & Francis Group 2006; College of Computer Science and Technology, Huazhong University of Science and Technology, Guanshan, Wuhan 430074, China
• Subjects: access control; context-based; GIS; Grid security; RBAC; TP393; 地理信息系统; 安全性; 接入控制; Grid security; access control; RBAC; context-based
• ISSN: 1009-5020; 1993-5153
• DOI: 10.1007/BF02826772

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed ＂virtual organizations＂. The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control （D-RBAC） model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user＇s environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.