Dynamic VO Establishment in Distributed Heterogeneous Business Environments

As modern SOA and Grid infrastructures are being moved from academic and research environments to more challenging business and commercial applications, such issue as control of resource sharing become of crucial importance. In order to manage and share resources within distributed environments the idea of Virtual Organizations (VO) emerged, which enables sharing only subsets of resources among partners of such a VO within potentially larger settings. This paper describes the Framework for Intelligent Virtual Organizations (FiVO), focusing on its functionality of enforcing security (Authentication and Authorization) in dynamically deployed Virtual Organizations. The paper presents the overall architecture of the framework along with different security settings which FiVO can support within one Virtual Organization.

[1]  William E. Johnston,et al.  Authorization and attribute certificates for widely distributed access control , 1998, Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastucture for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253).

[2]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[3]  David W. Chadwick,et al.  Role-Based Access Control With X.509 Attribute Certificates , 2003, IEEE Internet Comput..

[4]  Jim Basney,et al.  The MyProxy online credential repository , 2005, Softw. Pract. Exp..

[5]  Ákos Frohner,et al.  From gridmap-file to VOMS: managing authorization in a Grid environment , 2005, Future Gener. Comput. Syst..

[6]  Jacek Kitowski,et al.  Grid organizational memory - provision of a high-level Grid abstraction layer supported by ontology alignment , 2007, Future Gener. Comput. Syst..

[7]  Peter Landrock Public Key Infrastructure , 2005, Encyclopedia of Cryptography and Security.

[8]  David W. Chadwick,et al.  PERMIS: a modular authorization infrastructure , 2008 .

[9]  Henk C. A. van Tilborg,et al.  Encyclopedia of Cryptography and Security, 2nd Ed , 2005 .

[10]  Jacek Kitowski,et al.  Formal Model for Contract Negotiation in Knowledge-Based Virtual Organizations , 2008, ICCS.

[11]  Richard O. Sinnott,et al.  Shibboleth-based Access to and Usage of Grid Resources , 2006, 2006 7th IEEE/ACM International Conference on Grid Computing.

[12]  Jacek Kitowski,et al.  Grid Organizational Memory: A Versatile Solution for Ontology Management in the Grid , 2006, 2006 Second IEEE International Conference on e-Science and Grid Computing (e-Science'06).

[13]  Jeffrey M. Bradshaw,et al.  Applying KAoS Services to Ensure Policy Compliance for Semantic Web Services Workflow Composition and Enactment , 2004, SEMWEB.

[14]  Holger Knublauch,et al.  The Protégé OWL Plugin: An Open Development Environment for Semantic Web Applications , 2004, SEMWEB.

[15]  Ian T. Foster,et al.  A community authorization service for group collaboration , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.