A Context-Aware based Authorization System for Pervasive Grid Computing

This paper describes the authorization system architecture for Pervasive Grid environment. It discusses the characteristics of classical authorization system and requirements of the authorization system in pervasive grid environment as well. Based on our analysis of current systems and taking into account the main requirements of such pervasive environment, we propose new authorization system architecture as an extension of the existing grid authorization mechanisms. This architecture not only supports user attributes but also context attributes which act as a key concept for context-awareness thought. The architecture allows authorization of users dynamically when there are changes in the pervasive grid environment. For this, we opt for hybrid authorization method that integrates push and pull mechanisms to combine the existing grid authorization attributes with dynamic context assertions. We will investigate the proposed architecture using a real testing environment that includes heterogeneous pervasive grid infrastructures mapped over multiple virtual organizations. Various scenarios are described in the last section of the article to strengthen the proposed mechanism with different facilities for the authorization procedure.

Authors:

• Marilyn Lim Chien Hui
• Nabil Elmarzouqi
• Chan Huah Yong

Keywords:

• Pervasive Grid
• Authorization System
• Contextawareness
• Ubiquity.

References:

[1] Ian Foster , Carl Kesselman , Steven Tuecke, The Anatomy of the Grid:
Enabling Scalable Virtual Organizations, International Journal of High
Performance Computing Applications, v.15 n.3, p.200-222, August 2001
[2] J. Chin, N. Zhang, A. Nenadic, and O. Bamasak, "A context-constrained
authorisation (cocoa) framework for pervasive grid computing,"
Wireless Networks. [Online]. Available:
http://dx.doi.org/10.1007/s11276-008-0135-0
[3] "Pervasive Grids: Challenges and Opportunities," M. Parashar and J-M
Pierson, "Handbook of Research on Scalable Computing Technologies,"
Editors: K Li, C Hsu, Laurence T Yang, J. Dongarra and H Zima,
Information Science Reference, IGI Global, ISBN: 978-1-60566-661-7,
2009.
[4] Chakrabarti, A., "Grid Authorization System", In Grid Computing
Security. Chapter 5. Springer-Verlag, 2007.
[5] Robert G. Carter. "Authentication vs. Authorization". Kerberos: What,
Why, How? 29 May 2010.
http://www.duke.edu/~rob/kerberos/authvauth.html
[6] Andrew S. Tanenbaum, Maarten Van Steen, Distributed Systems:
Principles and Paradigms, Prentice Hall PTR, Upper Saddle River, NJ,
2001 ISBN: 978-0-13088-893-8, 2002.
[7] R. Alfieri, R. Cecchini, V. Ciaschini, L. dell- Agnello, A. Frohner, et. al.,
"VOMS, an Authorization System for Virtual Organizations". In
Proceedings of the 1st European Across Grids Conference - Santiago de
Compostela, Spain, 13-14 February 2003, 2003.
[8] Markus Lorch, Bob Cowles, Rich Baker, Leon Gommans, Paul Madsen,
Andrew McNab, Lavanya Ramakrishnan, Krishna Sankar, Dane Skow,
Mary R. Thompson, "Conceptual Grid Authorization Framework and
Classification". In Authrization Frameworks and Mechanisms -
WG,2004.
[9] "Pervasive Grids: Challenges and Opportunities," M. Parashar and J-M
Pierson, "Handbook of Research on Scalable Computing Technologies,"
Editors: K Li, C Hsu, Laurence T Yang, J. Dongarra and H Zima,
Information Science Reference, IGI Global, ISBN: 978-1-60566-661-7,
2009.
[10] Hung-Min Sun, King-Hang Wang, Pa Saffiong Kebbeh, "Distributed
Authorization and Authentication Framework for a Grid Infrastructure",
2007.
[11] LIU Shengjian, "A study on the Mechanisms of Policy-based Grid
Authorization", In 2009 International Conference on multimedia
Information Networking and Security, 2009
[12] D.W. Chadwick ad A. Otenko. "The PERMIS X.509 Role Based
Privilege Management Infrastructure". In Proc. Of 7th ACM Symposium
On Access Control Models And Technologies, 2002.
[13] Vassiliki KOUFI and George VASSILACOPOULOS, "Context-Aware
Access Control for Pervasive Access to Process-based Healthcare
Systems". In eealth the Horizon -Get IT There S.K. Andersen et al.
(Eds.) IOS Press,2008.
[14] Vassiliki KOUFI and George VASSILACOPOULOS, "Context-Aware
Access Control for Pervasive Access to Process-based Healthcare
Systems". In eealth the Horizon -Get IT There S.K. Andersen et al.
(Eds.) IOS Press,2008.