subTask 2.4 Design of a security policy management system for GT4
Leader: Félix J. García 

1. Brief Description of the Goals

Globus Toolkit version 4 (GT4) provides a range of new services and features. One of these is a robust implementation of Globus Web services components, which allows GT4 to complete the first stage of the migration to web services that began with GT3.

The management of grid services is a complex task, since there is a large number of issues to be considered. Ideally, useful grid infrastructures should offer a number of tools for managing services, with the purpose of facilitating the management tasks of grid users and administrators. They also ought to provide some added-value services such as checking the validity of grid management rules, performing proactive monitoring, etc., thus enabling automatic and dynamic management frameworks. At present, the Globus toolkit does not provide any particular solution to distributed grid management. However, several active groups of the OGF (Open Grid Forum) are starting to address some of these issues.

In line with this, our work proposes the design and implementation of a framework for managing security policies in the grid scenario based on GT4. Moreover, our framework meets certain requirements that make it different from the existing solutions (e.g., PERMIS). These requirements are the integration of web services in the whole management cycle (from the definition task to the enforcement and monitoring processes) and the use of semantic-aware management languages oriented to enabling new added-value features, such as the detection and resolution of conflicts between different grid management policies specified on the basis of decision rules.

2. Scientific and Technical Activities Developed

This work has designed and implemented a semantic-aware framework enabling the dynamic management of security services in GT4 infrastructures. The defined framework also represents one step towards the automatic management of security services, considering not only authorization services, but also providing additional reasoning mechanisms to deal with issues such as detection and resolution of conflicts between different grid management rules.

Some other components of the framework (such as the security module area) have been used to provide security components in ubiquitous systems, routing scenarios and overlay networks. In this sense, the most relevant result of this subTask was published by Martínez, G. et al. in Internet Research Journal, vol. 17, no. 4, 2007. It provides a two-tier framework for managing semantic-aware distributed firewall policies to be applied to the devices existing in one administrative domain. Other results were published by García, F.J. et al. in Annals of Telecommunications, vol. 63, no. 3-4, 2008, and in Data & Knowledge Engineering, vol. 11, 2010.

Publications: [Martinez07], [Martinez08], [García09], [Muñoz07a], [Muñoz07b], [Muñoz07c], [Muñoz09]

