Enhancing the Performance of Advanced Fine-Grained Grid Authorization System

Grid computing is a system that coordinates distributed resources using standards, open, general purpose protocols and interfaces to provide nontrivial quality of services. Usage Control model (UCON) is a new emerging authorization framework that combined features of traditional access control, trust management and digital right management in one abstraction. Adoption of UCON improved the fine-grain of grid authorization policy. The major problem of the UCON based authorization is the finer-grain the authorization, the higher overhead will be impacted to the system. This is because fine-grained authorization required very complex policies to define rules accurately. To evaluate complex policies is very time consuming as the system needs to check rules by rules in each policy for each resource in order to produce the access result, resulting in lower authorization performance. This limitation is crucial for large collaborative environment like grid where user and resource keep increasing year by year. Therefore, a mechanism to reduce the number of checking during authorization process is needed. In this study we propose a mechanism to reduce the number of rules checking by eliminating irrelevant set of rules. The irrelevant rules are determined by the dependency of rules model. Our simulation result shows that our technique able to further reduce the number of rules checking in grid authorization system compared to previous method. The checking process also can be skipped for certain rules using our method.