Extending Role-based Access Control Model with Context for Grid Applications

摘要

The Grid infrastructure presents many challenges due to its inherent heterogeneity, multi-domain characteristic and highly dynamic nature. One critical challenge is providing authentication, authorization and access control guarantees. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Amongst them are the lack of context-aware models for access control, and reliance on identity or capability-based access control schemes. In this paper, we propose RCBAC model that extends the RBAC with context constraints. The RCBAC mechanisms dynamically grant and adapt permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. We also describe the implementation architecture of RCBAC for the grid application.