Trust-Based Access Control in Storage Middleware Grids: A Reference Framework Proposal to Deploy in the Financial Sector

摘要

Fostered by the development of the Web, the financial sector has been able to develop a broad set of shared IT services. Despite the high levels of maturity that have been achieved there are still improvement opportunities concerning the sharing of services by financial institutions. This research addresses the sharing of data storage resources among different financial organizations to fulfil the needs for unplanned peaks of data storage, or to help shortening the time needed to start projects requiring allocation of storage space when this is not available in the organization. To answer to these requirements it was proposed a data grid infrastructure (SRM), centrally managed by a versatile storage resource manager middleware. Senior IT infrastructure managers of representative financial organizations have been questioned to assess the proposed solution. Security has been identified as a key concern that prevents the dissemination of this type of solutions. These solutions may be fostered by the adoption of a security mechanism that would consider the behaviour of the distinct organizations in the use of the shared resources. To meet this requirement the research proposes an algorithm for controlling the access to the storage resources based on trust, where the level of trust in the joint organizations will vary dynamically according to the fulfilment of the rules concerning the use of the shared storage by its users.