A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization
This research explores the problem of providing a fine-grained authorization while maintaining the performance of authorization in grid computing. A high-level granularity access control model needs to be applied to achieve a fine-grained authorization. However, the high-level granularity access...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2019
|
Subjects: | |
Online Access: | http://psasir.upm.edu.my/id/eprint/90345/1/FSKTM%202020%208%20ir.pdf http://psasir.upm.edu.my/id/eprint/90345/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.upm.eprints.90345 |
---|---|
record_format |
eprints |
spelling |
my.upm.eprints.903452021-12-01T06:53:45Z http://psasir.upm.edu.my/id/eprint/90345/ A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization Maizura, Ibrahim This research explores the problem of providing a fine-grained authorization while maintaining the performance of authorization in grid computing. A high-level granularity access control model needs to be applied to achieve a fine-grained authorization. However, the high-level granularity access control caused high complexity and increased the number of rules that must be checked during the authorization process, which degrade the overall authorization performance. The impact of this problem becomes worst in a grid computing environment due to a large number of users and resource pools in the grid virtual organization (VO). This thesis aims at providing solutions to the problem by introducing an authorization framework, namely the Federated Grid Usage Control (FGUC) with a new ontology-based policy model, namely, the UCON based Access Control Ontology (UBACO), and a new grid authorization algorithm, namely, the Elimination of the Irrelevant Authorization Rules Set (EIARS). UBACO is created with the aim to reduce the comprehensive complexity of the high-level granularity policy model, and EIARS is developed with the aim to reduce the number of checked rules during the authorization process. The quality of UBACO is validated by five human experts, and its comprehensive complexity is measured. Meanwhile, the effect of EIARS in reducing the number of checked rules during the authorization process is evaluated using a simulation technique. The results indicate that, by implementing the UBACO, the weighted comprehensive complexity is reduced by 40.5% as compared to the UCON based policy proposed by Martinelli and Mori (2010). The number of checked rules during the authorization process is reduced by 80% with the EIARS compared to the GAG proposed by Kaiiali et al. (2013). Therefore, it can be concluded that this research has accomplished the aimed objectives. 2019-07 Thesis NonPeerReviewed text en http://psasir.upm.edu.my/id/eprint/90345/1/FSKTM%202020%208%20ir.pdf Maizura, Ibrahim (2019) A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization. Doctoral thesis, Universiti Putra Malaysia. Mathematical optimization Algorithms Computational grids (Computer systems) |
institution |
Universiti Putra Malaysia |
building |
UPM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Putra Malaysia |
content_source |
UPM Institutional Repository |
url_provider |
http://psasir.upm.edu.my/ |
language |
English |
topic |
Mathematical optimization Algorithms Computational grids (Computer systems) |
spellingShingle |
Mathematical optimization Algorithms Computational grids (Computer systems) Maizura, Ibrahim A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
description |
This research explores the problem of providing a fine-grained authorization while
maintaining the performance of authorization in grid computing. A high-level
granularity access control model needs to be applied to achieve a fine-grained
authorization. However, the high-level granularity access control caused high
complexity and increased the number of rules that must be checked during the
authorization process, which degrade the overall authorization performance. The
impact of this problem becomes worst in a grid computing environment due to a
large number of users and resource pools in the grid virtual organization (VO).
This thesis aims at providing solutions to the problem by introducing an
authorization framework, namely the Federated Grid Usage Control (FGUC) with
a new ontology-based policy model, namely, the UCON based Access Control
Ontology (UBACO), and a new grid authorization algorithm, namely, the
Elimination of the Irrelevant Authorization Rules Set (EIARS). UBACO is created
with the aim to reduce the comprehensive complexity of the high-level granularity
policy model, and EIARS is developed with the aim to reduce the number of
checked rules during the authorization process. The quality of UBACO is validated
by five human experts, and its comprehensive complexity is measured.
Meanwhile, the effect of EIARS in reducing the number of checked rules during
the authorization process is evaluated using a simulation technique. The results
indicate that, by implementing the UBACO, the weighted comprehensive
complexity is reduced by 40.5% as compared to the UCON based policy proposed
by Martinelli and Mori (2010). The number of checked rules during the
authorization process is reduced by 80% with the EIARS compared to the GAG
proposed by Kaiiali et al. (2013). Therefore, it can be concluded that this research
has accomplished the aimed objectives. |
format |
Thesis |
author |
Maizura, Ibrahim |
author_facet |
Maizura, Ibrahim |
author_sort |
Maizura, Ibrahim |
title |
A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
title_short |
A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
title_full |
A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
title_fullStr |
A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
title_full_unstemmed |
A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
title_sort |
federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization |
publishDate |
2019 |
url |
http://psasir.upm.edu.my/id/eprint/90345/1/FSKTM%202020%208%20ir.pdf http://psasir.upm.edu.my/id/eprint/90345/ |
_version_ |
1718927738013745152 |
score |
13.160551 |