Access control model for inter-organizational grid virtual organizations

Abstract

The grid has emerged as a platform that enables to put in place an inter-organizational shared space known as Virtual Organization. The Virtual Organization (VO) encompasses users and resources supplied by the different partners for achieving the VO's creation goal. Though many works offer solutions to manage a VO, the dynamic, on the fly creation of virtual organizations is still a challenge. Dynamic creation of VOs is associated with the automated generation of access control policy to trace its boundaries, specify the different partners' rights within it and assure its management during its life time. In this paper, we propose an OrBAC (Organization Based Access Control model) based Virtual Organization model which serves as a corner stone in the VO creation automated process. OrBAC framework specifies the users' access permissions/interdiction to the VO resources, where its administration model AdOrBAC flexibly models the multi-stakeholder administration in the Grid. © Springer-Verlag Berlin Heidelberg 2005.