Title :
Access control policy negotiation for remote hot-deployed grid services
Author :
Xue, Wei ; Huai, Jinpeng ; Liu, Yunhao
Author_Institution :
Dept. of Comput. Sci. & Technol., Beihang Univ., Beijing
Abstract :
Service grid is a widely distributed environment, where service deployers and containers may be located in different autonomous domains. In such cases, different from traditional scenarios such as J2EE applications, the access control policy should not be determined by a deployer or a container only. Existing grid application deployment solutions do not address this unique requirement. In this paper, we propose a general approach, namely CROWN.ST, an access control policy negotiation solution for remote hot-deployment of grid services in CROWN (China R&D Environment Over Wide-area Network). Based on an access control policy language derived from non-recursive stratified Datalog with constraints, we design the negotiation procedure and three types of meta-policies. We implement a CROWN.ST prototype and evaluate our design by comprehensive experiments
Keywords :
Java; authorisation; grid computing; CROWN.ST; China R&D Environment Over Wide-area Network; J2EE applications; access control policy negotiation; distributed environment; grid application deployment; grid computing; metapolicies; nonrecursive stratified Datalog; remote hot-deployed grid services; security; trust; Access control; Application software; Computer science; Containers; Data security; Grid computing; Network topology; Prototypes; Research and development; Simple object access protocol; CROWN; Grid Computing; Implementation; Policy Negotiation; Security; Trust;
Conference_Titel :
e-Science and Grid Computing, 2005. First International Conference on
Conference_Location :
Melbourne, Vic.
Print_ISBN :
0-7695-2448-6
DOI :
10.1109/E-SCIENCE.2005.11
