Title :
Description Logic and Subject Attribute Based Grid Authorization Model
Author :
Hu, Dianyou ; Zhang, Bin ; Yang, Yan
Author_Institution :
Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
The grid cross domain authorization has been a research hotspot in the information security held. The existing gird cross-domain authorization mechanisms are not flexible and intelligent enough. To solve the problem we propose a grid authorization model based on the description logic (DL) and the attribute based access control (ABAC). The DL formulates the definition and representation of attributes, provides inference services of attribute relations in the semantic layer to the ABAC engine and makes the authorization procedure more intelligent and normalized. Based on the DL´s functions, the ABAC makes the cross domain authorization policies more flexible. A scenario of the cross RBAC domain authorization procedure and the analysis of the security and time complexity are given in the end which prove the security and usability of the model.
Keywords :
authorisation; computational complexity; grid computing; inference mechanisms; ABAC engine; attribute based access control; cross domain authorization policies; description logic; grid cross domain authorization model; inference services; information security; semantic layer; subject attribute based grid authorization model; time complexity; Access control; Authorization; IP networks; Information science; Information security; Knowledge representation; Logic; Search engines; Usability; Web sites;
Conference_Titel :
Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4994-1
DOI :
10.1109/ICIECS.2009.5363556
