Abstract
We have developed a policy-based decision framework that provides authorization and cost-based accounting in the EZGrid system, a resource broker for metacomputing. Primarily, this work allows the administrators and the owners to exercise more control over their resources by dictating usage permissions and/or restrictions in a grid environment. This mechanism is independent of the applications and the heterogeneous target domains. The EZGrid resource broker uses the policy engine to evaluate authorization policies of the remote site in the process of making resource choices. Globus Access to Secondary storage (GASS) is used as the back end for staging policy files, if needed, from the remote site to which authorization is required.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
J. Bester, I. Foster, C. Kesselman, J. Tedesco, S. Tuecke, “GASS: A Data Movement and Access Service for Wide Area Computing Systems,” Sixth Workshop on I/O in Parallel and Distributed Systems, May 5, 1999.
R. Butler, D. Engert, I. Foster, C. Kesselman, S. Tuecke, J. Volmer, V. Welch, “A National-Scale Authentication Infrastructure,” IEEE Computer, 2000.
B. M. Chapman, B. Sundaram, K. Thyagaraja, S.W. Masood, P. Narayanasamy, “EZGrid: A Resource Brokerage System for Grids,” http://www.cs.uh.edu/ezgrid.
K. Czajkowski, I. Foster, N. Karonis, C. Kesselman, S. Martin, W. Smith, S. Tuecke, “A Resource Management Architecture for Metacomputing Systems,” Proc. IPPS/SPDP’ 98 Workshop on Job Scheduling Strategies for Parallel Processing, 1998.
I. Foster and C. Kesselman, “Globus: A Metacomputing Infrastructure Toolkit,” International Journal of Supercomputer Applications, Summer 1997.
I. Foster and C. Kesselman, “The GRID: Blueprint for a New Computing Infrastructure,” Morgan Kauffman Publishers, 1999.
M. Litzkow, M. Livny, and M. Mutka, “Condor—A Hunter of Idle Workstations,” Proceedings of the 8th International Conference of Distributed Computing Systems, pages 104–111, June, 1988.
G. von Laszewski, I. Foster, J. Gawor, W. Smith, and S. Tuecke, “CoG Kits: A Bridge between Commodity Distributed Computing and High-Performance Grids,” ACM 2000 Java Grande Conference, 2000.
R. Raman, M. Livny, and M. Solomon, “Matchmaking: Distributed Resource Management for High Throughput Computing,” Proceedings of the Seventh IEEE International Symposium on High Performance Distributed Computing, July, 1998.
T. Ryutov, B. C. Neuman, “Representation and Evaluation of Security policies for Distributed system Services,” Proceedings of the DARPA Information Survivability Conference and Exposition, January 2000
B. Sundaram, C. Nebergall, S. Tuecke, “Policy Specification and Restricted Delegation in Globus Proxies,” Research Gem, Super Computing 2000, Dallas, TX, November 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sundaram, B., Chapman, B.M. (2001). Policy Engine: A Framework for Authorization, Accounting Policy Specification and Evaluation in Grids. In: Lee, C.A. (eds) Grid Computing — GRID 2001. GRID 2001. Lecture Notes in Computer Science, vol 2242. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45644-9_14
Download citation
DOI: https://doi.org/10.1007/3-540-45644-9_14
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42949-4
Online ISBN: 978-3-540-45644-5
eBook Packages: Springer Book Archive