Virtual Organisations (VOs) represent a common abstraction for describing computations and storage in a Grid environment. A VO is considered as a collaborative environment in which real organisations combine to offer applications and resources to users. Such resources could be storage capabilities, software services or simply computational power represented as physical machines. A VO policy is a statement about the expected normal behaviour of applications, resources and users in the whole VO. A VO policy is usually written in terms of VO-wide concepts; possibly all the running applications, resources and users in the VO. VO policies are crucial to the correct operation of large-scale Grid-based VOs, dealing with issues of utilisation measurement, accounting, security etc [6]. Traditionally, a VO policy is seen as the collection of the individual resource policies. This view is both easily justifiable, in the sense that the VO consists in fact of the resources themselves, and passive, in the sense that no extra effort is required to manage and enforce VO policies that attempt to give a richer statement about the overall acceptable VO behaviour. More recently, research in security policies (for example,[1]) has moved on to the adoption of VO policies that express more than what the mere individual resource policies have been set up to express. This view is more interesting in the sense that it starts from the requirements of the VO itself, even prior to its population with resources, rather than starting from the policy constraints of resources themselves. A problem, however, that arises with this latter view is regarding how the enforcement of the VO policy is achieved. There are at least two solutions: The first is to enforce the VO policy directly using a VO-wide Policy Enforcement Point (PEP). This case has the limitation of having a single centralised point of failure (such as operational or semantic failures). The second solution, which we adopt in this paper, is based on refining VO policies from their VO-wide representation down to their computational-level representation at individual resources [3]. This latter approach avoids the development of a centralised VO PEP but it is constrained by the limitations of the refinement algorithm and the fact that not all VO policies can be refined. We restrict our treatment in this paper to VO security policies, i.e. policies concerned with the access control of resources by users, that can be refined. Furthermore, we allow our refinement to be guided by predefined VO-to-resource hierarchies in a similar manner to [5], who assume the preexistence of a data refinement structure mapping high level VO concepts to low level computational ones.
[1]
Morris Sloman,et al.
Policies Hierarchies for Distributed Systems Management
,
1993,
IEEE J. Sel. Areas Commun..
[2]
Marty Humphrey,et al.
Toward explicit policy management for virtual organizations
,
2003,
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.
[3]
Álvaro Enrique Arenas,et al.
Controlling Usage in Business Process Workflows through Fine-Grained Security Policies
,
2008,
TrustBus.
[4]
David W. Chadwick,et al.
Automated decomposition of access control policies
,
2005,
Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'05).