Authorization Mechanisms For Virtual Organizations In Distributed Computing Systems

Xb Zhao, Ky Lam, Sl Chung, M Gu, Jg Sun
DOI: https://doi.org/10.1007/978-3-540-27800-9_36
2004-01-01
Abstract: With the rapid development of the global information infrastructure, the use of virtual organization (VO) is gaining increasing importance as a model for building large-scale business information systems. The notion of VO is significant in that it could serve as a basic framework for implementing geographically distributed, cross-organizational application systems in a highly flexible manner. VO is generally composed of participants from different organizations driven by specific tasks. In order to control both participation and access to shared resources, authorization is essential in VO. However, authorization in VO is challenging because of the dynamic and distributed nature of VO, thus requiring mechanisms that are efficient, scalable and able to handle complex access control policies. This paper analyzes the requirement of authorization services for VO and proposes the use of threshold scheme as a basic mechanism for implementing authorization services in large scale distributed computing systems. While pointing out the desirable features of threshold schemes for complex authorization policies, the paper also discusses the practical limitations of threshold schemes in such an environment. The main contribution of this paper is that it suggests a practical approach for deploying threshold closure, an optimal form of threshold schemes, for implementing authorization of VO. In essence, we suggest segregating the policy and mechanism aspects of threshold closure so that complex policies may be specified using threshold closure which are implemented conveniently using existing authentication-based enforcement mechanisms available in traditional security infrastructure.