Abstract
In workflow and grid environment, the security challenges with the appearance of composite service increasingly become more severe than before especially to the traditional static access control model and dynamic authorization model. To solve these challenges, we presented a Dynamic Access Control Prediction mechanism for service workflow on the basis of Markov Chain. In fact, this prediction mechanism is only one part of the larger system, Composite-Service Authorization Prediction platform (CAP), which is totally composed of three key modules-— composite-service pre-processing, result feedback, and authorization prediction. In this paper, we present the design of its architecture as a whole.
This paper is supported by National Science Foundation under grant 90412010 and China CNGI project under grant CNGI-04-15-7A
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kang, M.H., Park, J.S., Froscher, J.N.: Access Control Mechanisms for Inter-Organizational Workflow. In: Proceedings of 6th ACM Symposium on Access Control Models and Technologies, Chantilly, Virginia, USA, pp. 66–74. ACM Press, New York (2001)
Workflow Management Coalition Terminology & Glossary (WFMC-TC-1011, v3.0), http://www.wfmc.org/standards/docs/TC-1011_term_glossary_v3.pdf
Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International Journal of High Performance Computing Applications 15(3), 200–222 (2001)
Jin, H.: ChinaGrid: Making Grid Computing a Reality. In: Chen, Z., Chen, H., Miao, Q., Fu, Y., Fox, E., Lim, E.-p. (eds.) ICADL 2004. LNCS, vol. 3334, pp. 13–24. Springer, Heidelberg (2004)
Harrison, M.H., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Communications of the ACM 19(8), 461–471 (1976)
Ferraiolo, D., Kuhn, R.: Role-Based Access Controls. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference, pp. 554–563 (1992)
Sandhu, R., Conyne, E.J., Lfeinstein, H., Youman, C.E.: Role based access control models. IEEE Computer 29(2), 38–47 (1996)
Thomas, R.K., Sandhu, R.S.: Towards a task-based paradigm for flexible and adaptable access control in distributed applications. In: Proceedings of the 1992-1993 ACM SIGSAC New Security Paradigms Workshops, pp. 138–142 (1993)
Thomas, R.K., Sandhu, R.S.: Task-Based authorization: a research project in next-generation active security models for workflows. In: Proceedings of NSF Workshop on Workflow and Process Automation in Information Systems: State-of-the-Art and Future Directions (1996)
Thomas, R.K., Sandhu, R.S.: Task-based authentication controls (TABC): A family of models for active and enterprise-oriented authentication management. In: Proc. of the IFIP WG11.3 Workshop on Database Security, pp. 166–181 (1997)
Foster, I., Kesselman, C.: Globus: A Metacomputing Infrastructure Toolkit. International Journal of Supercomputer Applications 11(2), 115–129 (1998)
GT 4.0: Security: Community Authorization Service, http://www.globus.org/toolkit/docs/4.0/security/cas/
Pearlman, L., Kesselman, C., Welch, V., Foster, I., Tuecke, S.: The Community Authorization Service: Status and Future. In: Computing in High Energy and Nuclear Physics, La Jolla, California, pp. 24–28 (2003)
Business Process Execution Language for Web Services Version 1.1, http://www-106.ibm.com/developerworks/webservices/library/ws-bpel/
ActiveBPEL engine, http://www.activebpel.org/index.html
Yi, C., Jin, H., Wang, C.: Dynamic Access Control Prediction for Ordered Service Sequence in Grid Environment. In: Proceedings of the 2006 IEEE/WIC/ACM International Conference on Web Intelligence, IEEE Computer Society, Hong Kong, China (2006)
Web Services Business Process Execution Language Version 2.0, http://docs.oasis-open.org/wsbpel/2.0/wsbpel-specification-draft.pdf
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yi, C., Jin, H., Di, S. (2007). A Composite-Service Authorization Prediction Platform for Grid Environment. In: Luo, Y. (eds) Cooperative Design, Visualization, and Engineering. CDVE 2007. Lecture Notes in Computer Science, vol 4674. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74780-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-540-74780-2_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74779-6
Online ISBN: 978-3-540-74780-2
eBook Packages: Computer ScienceComputer Science (R0)