Authorization through trust chains in ad hoc grids

Secure environment is a top-priority for all the forms of grid computing. To establish trust, traditional grids use various methods, mostly centrally oriented ones, such as certification authorities, VO management servers or credentials pools. Ad hoc grids are characterized by the absence of a central trust authority; therefore collaborating entities must establish and maintain a trust relationship among themselves. The paper presents a short overview of ad hoc grids, the definitions as well as authentication and authorization mechanisms of the environment. We design a proposal of an authorization mechanism for faster and easier formation of virtual organizations in ad hoc grid based on SPKI delegation chains where the delegation chains act as trust chains, even if they do not refer to target users.

[1]  Philip Robinson,et al.  PathTrust: A Trust-Based Reputation Service for Virtual Organization Formation , 2006, iTrust.

[2]  Akshai K. Aggarwal,et al.  PKI-Based Authentication Mechanisms in Grid Systems , 2007, 2007 International Conference on Networking, Architecture, and Storage (NAS 2007).

[3]  Fabio Kon,et al.  Trust in large-scale computational grids: an SPKI/SDSI extension for representing opinion , 2006, MCG '06.

[4]  Yki Kortesniemi,et al.  SPKI Performance and Certificate Chain Reduction , 2002, GI Jahrestagung.

[5]  Thomas Friese,et al.  Hot service deployment in an ad hoc grid environment , 2004, ICSOC '04.

[6]  Richard O. Sinnott,et al.  Supporting Decentralized, Security Focused Dynamic Virtual Organizations across the Grid , 2006, 2006 Second IEEE International Conference on e-Science and Grid Computing (e-Science'06).

[7]  Kaizar Amin,et al.  Ad hoc grid security infrastructure , 2005, The 6th IEEE/ACM International Workshop on Grid Computing, 2005..

[8]  Pascale Vicat-Blanc Primet,et al.  HIPernet: a decentralized security infrastructure for large scale grid environments , 2005, The 6th IEEE/ACM International Workshop on Grid Computing, 2005..

[9]  Maozhen Li,et al.  A Classification of Emerging and Traditional Grid Systems , 2008, IEEE Distributed Systems Online.

[10]  Thomas Friese,et al.  Towards a service-oriented ad hoc grid , 2004, Third International Symposium on Parallel and Distributed Computing/Third International Workshop on Algorithms, Models and Tools for Parallel Computing on Heterogeneous Networks.

[11]  Dennis G. Kafura,et al.  The PRIMA Grid Authorization System , 2004, Journal of Grid Computing.

[12]  Steven Tuecke,et al.  Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile , 2004, RFC.

[13]  Tuomas Aura,et al.  Privacy and Accountability in Certificate Systems , 2000 .

[14]  Victoria Ungureanu Efficient support for enterprise delegation policies , 2005, SAC '05.

[15]  Jun Wang,et al.  Extending the security assertion markup language to support delegation for Web services and grid services , 2005, IEEE International Conference on Web Services (ICWS'05).

[16]  Erik Vullings,et al.  A Trust-based Access Control Model for Virtual Organizations , 2006, 2006 Fifth International Conference on Grid and Cooperative Computing Workshops.

[17]  Ian Foster,et al.  The Globus toolkit , 1998 .