The Interoperable Attribute-based Authorization in ARC Grid Middleware

Grid has been proved to be a promising technology for integrating heterogeneous resources. However, with the emerging of various Grid middle wares, the heterogeneous problem also occurs for Grid middleware themselves, as well as for the Grid services developed on those middle wares, which is an obstacle for the interoperation. SOA(Service Oriented Architecture) has been introduced into the development of Grid middewares and services to solve this problem. One of the challenging tasks in the development, integration and deployment of Grid middle wares is to provide security framework. In this paper, the key issue of Grid security framework, i.e., authorization, is focused, and an attribute-based authorization framework is presented. Due to the adoption of SAML, XACML and the generic Web Service specifications, the proposed framework can achieve interoperability to other standard-based attribute authority services, as well as other standard-based policy evaluation services.