Open Access  Subscription or Fee Access

Grid technologies enable large-scale sharing of resources within formal or informal consortia of individuals and/or institutions: what are sometimes called virtual organizations. In these settings, the discovery, characterization, and monitoring of resources, services, and computations can be challenging due to the considerable diversity ,large numbers, dynamic behavior, and geographical distribution of the entities in which a user might be interested. Authorization and access control; the significant aspects of security, have attracted increased attention in grid computing. In authorization an essential part to protect the information and all other resources from unauthorized access by controlling the access via a particular system. Role-Based Access Control (RBAC) is a fairly novel access control technique that provides a centralized, dynamic, and consistent authorization management specifically for the requirements of a particular industry to improve its security.. RBAC was developed in the Globus toolkit(GT). Access control is formed by the support of Community Authorization Service (CAS) and this CAS was used and developed in many problems grid research. The major problem with the CAS is that the user credentials are revealed to the virtual organization (VO).In this paper, analyzes the unique security requirements grid computing and develops a security policy and a corresponding security architecture. We also evaluate the performance of Role Based access control architecture.

Grid Computing, Grid Security, Authorization And Access Control, Role Based Access Control (Rbac), Globus Toolkit(Gt),Community Authorization Server (Cas), Virtual Organization (Vo)S.

I. Foster, C. Kesselman, “The Grid: Blueprint for a new Computing Infrastructure", Morgan Kaufmann Publishers, ISBN 1-55860-475-8, 1999.

I. Foster, C. Kesselman, and S. Tuecke. “The Anatomy of the Grid: Enabling Scalable Virtual Organizations”. International Journal of High Performance Supercomputing Applications, vol: 15, no: 3, 2001.

Miguel L. Bote-Lorenzo, Yannis A. Dimitriadis, Eduardo Gmez-Snchez, ”Grid Characteristics and Uses: A Grid Definition", In European across Grids Conference, Santiago de Compostela, Spain, pp: 291-298, 2003.

Marty Humphrey, Mary R Thomson and Keith R Jackson, “Security for Grids", Proceedings of the IEEE, Vol 93, No 3, pp: 644-652, 2005.

Von Welch, Frank Siebenlist, Ian T. Foster, John Bresnahan, Karl Cza-jkowski, Jarek Gawor, Carl Kesselman, Sam Meder, Laura Pearlman, Steven Tuecke, “Security for Grid Services", In 12th International Symposium on High-Performance Distributed Computing, Seattle, WA, USA, pp: 359-368, 22-24, June 2003.

Jiri Denemark, Michał Jankowski, Ludek Matyska, Norbert Meyer, Miroslav Ruda, Pawel Wolniewicz, "User Management for Virtual Organizations", CoreGRID Integration Workshop Proceedings, Pisa 2005.

Glen Wasson and Marty Humphrey, “Policy and Enforcement in Virtual Organizations”, In 4th International Workshop on Grid Computing (Grid2003) Phoenix, AZ., pp: 125-133, 2003.

Cui-xiao Zhang, Ying-xin Hu, Guo-bing Zhang, "Task-Role Based Dual System Access Control Model", IJCSNS International Journal of Computer Science and Network Security, Vol.6, No.7, pp: 211-215, July 2006.

Sandhu, R., Ferraiolo, D., and Kuhn, R. “The NIST model for role-based access control: Towards a unified standard”. In Proceedings of 5th ACM Workshop on Role- Based Access Control, pp: 47-63, 2000.

Ganesh Godavari and Edward Chow, "Secure Information Sharing Using Attribute Certificates and Role Based Access Control", In Proceedings of Security and Management'2005, pp: 269-276, 2005.

Uday O. Ali Pabrai, "HIPAA Security and Role Based Access Control (RBAC),"HIPAA Academy, September 5, 2003.

R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. “Role-based access control models”, IEEE Computer, Vol: 29, No: 2, pp: 38–47, 1996.

Benjamin Aziz, Simon N. Foley, John Herbert, Garret Swart, "Reconfiguring Role Based Access Control Policies Using Risk Semantics", Journal of High Speed Networks, Vol: 15, No: 3, pp: 261-273, 2006.

Globus Project. Globus Project Web Site, 2009. http://www.globus.org/.

Anil L. Pereira, Vineela Muppavarapu, and Soon M. Chung, "Role-Based Access Control for Grid Database Services Using the Community Authorization Service", IEEE Transactions On Dependable And Secure Computing, Vol. 3, No: 2, 2006.

J.B.D. Joshi, R. Bhatti, E. Bertino, and A. Ghafoor, “Access-Control Language for Multi-domain Environments,” IEEE Internet Computing, Vol. 8, No. 6, pp. 40-50, Nov.-Dec. 2004.

T. Mayfield, J.E. Roskos, S.R. Welke, and J.M. Boone, “Integrity in Automated Information Systems,” technical report, Nat’l Computer Security Center, pp: 79-91, 1991

Jongil Jeong, Weehyuk Yu, Dongkyoo Shin, Dongil Shin, Kiyoung Moon, and Jaeseung Lee, "Integration of Single Sign-On and Role-Based Access Control Profiles for Grid Computing", 8th Asia-Pacific Web Conference on Frontiers of WWW Research and Development , Vol: 3841, pp. 880-885, January 16-18, 2006.

Lorenzo Cirio, Isabel F. Cruz, and Roberto Tamassia, "A Role and Attribute Based Access Control System Using Semantic Web Technologies", In Int. IFIP Workshop on Semantic Web and Web Semantics, volume 4806 of Lecture Notes in Computer Science, pp: 1256-1266. Springer, 2007.

Chen Ying, Yang Shoubao, Guo Leitao, Liu Pengzhan, Shen Kai, "Design and Implementation of Dynamic-Role Based Access Control Framework in Grid Environment", International Conference on Information Technology: Coding and Computing, Vol: 2, pp: 758- 759, 2005.

Nathan Dimmock, Andras Belokosztolszki, David Eyers, Jean Bacon, Ken Moody, "Using Trust and Risk in Role-Based Access Control Policies", Proceedings of the ninth ACM symposium on Access control models and technologies, pp: 156 - 162, 2004.

G Geethakumari, Atul Negi, V.N Sastry, "A Cross - Domain Role Mapping and Authorization Framework for RBAC in Grid Systems", IJCSA, Vol: 6, No: 1, 2009.

M.Nithya, R.S.D.Wahidabanu, "Towards Novel and efficient security architecture for Role Based access control in grid computing”, IJCSNS Vol 1, No: 3, 2009.