期刊名称:International Journal of Computer Science and Information Technologies
电子版ISSN:0975-9646
出版年度:2010
卷号:1
期号:1
页码:16-23
出版社:TechScience Publications
摘要:Recently, there arose a necessity to distribute computing applications frequently across grids. Ever more these applications depend on services like data transfer or data portal services and submission of jobs. Owing to the fact that the distribution of services and resources in wide-area networks are heterogeneous, dynamic, and multi-domain, security is of vital significance in grid computing. Authorization and access control; the significant aspects of security, have attracted increased attention in grid computing. Role Based Access Control (RBAC) is an emerging access control mechanism in grid computing. RBAC was afforded in the Globus toolkit with the support of Community Authorization Service (CAS) and this CAS was employed by several researchers in providing access control. The major problem with the CAS is that the user credentials are revealed to the virtual organization (VO) thereby leaving them in jeopardy. Moreover, once the user credentials are hacked, both the user and VO resources become vulnerable. In this paper, we have proposed a novel architecture for Role Based Access Control in Grid computing where user credential and security are regarded as a prime concerns while sharing data and computational resources in a grid problem. The evaluation mechanism detailed in this paper is highly resistant for both the users as well as for the VO resources. In the proposed mechanism, the user credentials are not revealed to the VOs, thus protecting the users from hacking possibilities. Since the hacking possibilities of user credentials are reduced the proposed system also prevents VO resources being hacked by some adversary users of the organization. This makes our model more efficient when compared to other models.
关键词:Grid computing; Grid security; Authorization and;Access Control; Role Based Access Control (RBAC); Community;Authorization Server (CAS); Virtual Organization (VO); User;credentials.
