Policy engine: A framework for authorization, accounting policy specification and evaluation in grids

Abstract

We have developed a policy-based decision framework that provides authorization and cost-based accounting in the EZGrid system, a resource broker for metacomputing. Primarily, this work allows the administrators and the owners to exercise more control over their resources by dictating usage permissions and/or restrictions in a grid environment. This mechanism is independent of the applications and the heterogeneous target domains. The EZGrid resource broker uses the policy engine to evaluate authorization policies of the remote site in the process of making resource choices. Globus Access to Secondary storage (GASS) is used as the back end for staging policy files, if needed, from the remote site to which authorization is required.