An Authentication and Access Control Framework for Group Communication Systems in Grid Environment

Collaboration is used for information sharing and activity coordinating, and it exists broadly in many fields. Group communication enables efficient communication between a set of processes logically organized into groups and communicating via multicast in an asynchronous environment. One of the key technologies for collaborative applications is secure group communication. Current research on secure group communication scarcely considers the existing security mechanism in local systems. As a result, group communication systems couldn 't provide general support for collaborative applications running on a specific system. Based on the existing grid security technologies, we propose an authentication and access control framework at virtual organization (VO) level for group communication in grid environment. By introducing role-based access control (RBAC) and attribute-based approach, we define group management policies and design group control protocols. The protocols are analyzed from three aspects: compatibility, performance, and security. Finally, we implement a prototype based on GridShib.