Extending the globus architecture with role-based trust management

Grid technology concerns the sharing of resources among a very large set of users. One of the main security issues of the Grid environment concerns the user authorization. As a matter of fact, Grid resource providers grant accesses to their resources to possibly unknown Grid users, but they want that these accesses are regulated by proper security policies. This paper proposes a framework that integrates an advanced authorization system, the RTML one, in the Globus toolkit. For each Grid user that requests to access the Grid resource, the framework determines the proper set of rights to be paired to the user depending on the trust he previously collected interacting with other sites on the Grid, instead of simply considering his identity. This trust is represented by the set of credentials issued by other Grid sites that grant to the user some roles in these sites.