A dynamic management framework for security policies in open grid computing environments

A computational grid is a kind of open and distributed computing environment enabling heterogeneous resource sharing and dynamic virtual organization (VO) membership. Dynamic security policy management for multiple VOs in grids is challenging due to the heterogeneous nature of grids. Rather than deploying in a centralized VO space to manage the security policies of multiple VOs, we propose a dynamic management framework (DMF) to manage security policies in a decentralized manner. DMF groups VOs under the same security policy framework into a virtual cluster, thus allowing homogeneous conflict analysis to be performed. There is a Policy Processing Unit to coordinate the analysis tasks, but the tasks can be distributed to VOs according to their trust relationships. Heterogeneous conflict analysis for VOs of different policy frameworks takes place at a Principal Policy Processing Unit in the grid environment. Therefore, the homogeneous and heterogeneous policy management tasks are separated.