The manufacturing grid, as an application of the grid, consists of a collection of heterogeneous resources across multiple administrative domains with the intent of providing enterprises to realize resource sharing and collaboration. Due to its inherent heterogeneity, multi-domain characteristic, and highly dynamic nature, one critical challenge is providing authorization and access control guarantees which focuses on the issues of management and enforcement of dynamic privileges of the users in the manufacturing grid. We propose the dynamic role based access control mechanism as the method for supporting dynamic restricted rights management in the manufacturing grid. It complements the current authorization mechanisms of the grid to dynamically grant active roles to users according to their current context, and adapt the dynamic permissions of users based on the active role. We also introduce the prototype implementation within the project of Shanghai High Institutions Grid.
[1]
D. Richard Kuhn,et al.
A role-based access control model and reference implementation within a corporate intranet
,
1999,
TSEC.
[2]
William E. Johnston,et al.
Authorization and attribute certificates for widely distributed access control
,
1998,
Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastucture for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253).
[3]
Ian T. Foster,et al.
A community authorization service for group collaboration
,
2002,
Proceedings Third International Workshop on Policies for Distributed Systems and Networks.
[4]
Ian T. Foster,et al.
A security architecture for computational grids
,
1998,
CCS '98.