Abstract
A computational grid is a kind of open and distributed computing environment enabling heterogeneous resource sharing and dynamic virtual organization (VO) membership. Dynamic security policy management for multiple VOs in grids is challenging due to the heterogeneous nature of grids. Rather than deploying in a centralized VO space to manage the security policies of multiple VOs, we propose a dynamic management framework (DMF) to manage security policies in a decentralized manner. DMF groups VOs under the same security policy framework into a virtual cluster, thus allowing homogeneous conflict analysis to be performed. There is a Policy Processing Unit to coordinate the analysis tasks, but the tasks can be distributed to VOs according to their trust relationships. Heterogeneous conflict analysis for VOs of different policy frameworks takes place at a Principal Policy Processing Unit in the grid environment. Therefore, the homogeneous and heterogeneous policy management tasks are separated.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Box, D., Curbera, F., Hondo, M., Kale, C., Langworthy, D., Nadalin, A., Nagaratnam, N., Nottingham, M., von Riegen, C., Shewchuk, J.: Specification: Web Services Policy Framework (WSPolicy), available at http://www-106.ibm.com/developerworks/library/ws-polfram/
Foster, I., Kesselman, C., Nick, J., Tuecke, S.: The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration (2002), avaliable at http://www.globus.org (Version: 6/22/2002)
Moore, B., Ellesson, E., Strassner, J., Westerinen, A.: Policy Core Information Model – Version 1 Specification, IETF Network Group RFC 3060 (February 2001)
Stone, G.N., Lundy, B., Xie, G.G.: U.S Department of Defense: Network Policy Languages: A Survey and a New Approach. IEEE Network (January/February 2001)
Strassner, J., Ellesson, E.: Terminology for Describing Network Policy and Services, Internet draft draft-strasner-policy-terms-01.txt (1998)
Verma, D., Sahu, S., Calo, S., Beigi, M., Chang, I.: A Policy Service for GRID Computing. In: Parashar, M. (ed.) GRID 2002. LNCS, vol. 2536, pp. 243–255. Springer, Heidelberg (2002)
Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L., Tuecke, S.: Security for Grid Services. In: Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing, HPDC 2003 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yu, CM., Ng, KW. (2004). A Dynamic Management Framework for Security Policies in Open Grid Computing Environments. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004. GCC 2004. Lecture Notes in Computer Science, vol 3251. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30208-7_126
Download citation
DOI: https://doi.org/10.1007/978-3-540-30208-7_126
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23564-4
Online ISBN: 978-3-540-30208-7
eBook Packages: Springer Book Archive