Semantic-Based Access Control for Grid Data Resources in Open Grid Services Architecture - Data Access and Integration (OGSA-DAI)

In this paper, we propose a semantic-based access control method for grid data resources in the open grid services architecture - data access and integration (OGSA-DAI). The OGSA-DAI is an efficient grid-enabled middleware implementation of interfaces and services to access and control data resources (such as files, relational databases and XML databases). However, the identity-based access control in the OGSA-DAI causes substantial overhead for the resource providers in virtual organizations (VOs), because the access control information of individual users has to be maintained by each resource provider. In addition, access control policies need to be specified and managed across multiple VOs. To solve these problems, we propose the use of semantic-based access control policies in data grids. We use the Web ontology language (OWL) standard to represent the ontology of an organization´s resources and users. Recently, eXtensible Access Control Markup Language (XACML) has been increasingly used for the representation of access control policies in grid environments. We propose the use of semantics in conjunction with the XACML standard for better interoperability and reduced administration overhead.