A HIGH PERFORMANCE UCON AND SEMANTIC-BASED AUTHORIZATION FRAMEWORK FOR GRID COMPUTING

Authorization infrastructures are an important and integral part of grid computing which facilitate access control functions to protect resources. This paper presents an authorization framework that combines the usage control (UCON) model with semantic web technology. To our knowledge, an authorization framework that combines both the UCON and semantic web technology in one framework has not yet been previously proposed. As the UCON model combines traditional access control, trust management and digital rights management in a grid authorization infrastructure, its adoption enhances the capability of the authorization. However, UCON-based authorization presents a problem in controlling the policy granularity and minimizing the authorization overhead due to complexity in the policies inherited from the UCON model. The growing number of users and resources in the grid makes this problem even worse. We use the semantic web technology to provide a way to automatically manage the rules in the policies, hence keeping the granularity under control. To minimize the authorization overhead, a new mechanism to reduce the number of policy checks is proposed in this paper. Our simulation result shows that the proposed mechanism provides a 63% reduction in rule checking compared to previous methods.