Semantic-Based Access Control for Data Resources in Open Grid Services Architecture: Data Access and Integration (OGSA-DAI)

Vineela Muppavarapu, Soon M. Chung
Copyright: © 2014 | Volume: 6 | Issue: 2 | Pages: 23
ISSN: 1938-0259 | EISSN: 1938-0267 | EISBN13: 9781466654440 | DOI: 10.4018/ijghpc.2014040101
MLA

Muppavarapu, Vineela, and Soon M. Chung. "Semantic-Based Access Control for Data Resources in Open Grid Services Architecture: Data Access and Integration (OGSA-DAI)." IJGHPC vol.6, no.2 2014: pp.1-23. http://doi.org/10.4018/ijghpc.2014040101

APA

Muppavarapu, V. & Chung, S. M. (2014). Semantic-Based Access Control for Data Resources in Open Grid Services Architecture: Data Access and Integration (OGSA-DAI). International Journal of Grid and High Performance Computing (IJGHPC), 6(2), 1-23. http://doi.org/10.4018/ijghpc.2014040101

Chicago

Muppavarapu, Vineela, and Soon M. Chung. "Semantic-Based Access Control for Data Resources in Open Grid Services Architecture: Data Access and Integration (OGSA-DAI)," International Journal of Grid and High Performance Computing (IJGHPC) 6, no.2: 1-23. http://doi.org/10.4018/ijghpc.2014040101

Abstract

This paper proposes a semantic-based access control system for the data resources in the Open Grid Services Architecture - Data Access and Integration (OGSA-DAI). OGSA-DAI is a widely used middleware for integrating data resources in Grids. However, the identity-based access control in OGSA-DAI causes substantial overhead for the resource providers in virtual organizations (VOs), because the access control information of individual users has to be maintained by each resource provider. To solve this problem, the authors propose a semantic-based access control system using Shibboleth and ontology. Shibboleth, an attribute authorization service, is used to manage the user attributes, and the Web Ontology Language (OWL) is used to represent the ontology of the data resources and users. By using ontology, VOs can resolve the differences in their terminologies and specify access control policies based on concepts and user roles, instead of individual resources and user identities. As a result, the administration overhead of the resource providers is reduced considerably. In addition, the eXtensible Access Control Markup Language (XACML) is used to specify the access control policies uniformly across multiple VOs. The authors also developed an XACML policy administration tool that allows the administrators to create, update, and manage XACML policies. The performance analysis shows that the proposed system adds only a small overhead to the existing security mechanism of OGSA-DAI.
