UPM Institutional Repository

A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization


Citation

Maizura, Ibrahim (2019) A federated usage control framework with ontology-based policy and elimination of irrelevant rules set algorithm for grid computing authorization. Doctoral thesis, Universiti Putra Malaysia.

Abstract

This research explores the problem of providing a fine-grained authorization while maintaining the performance of authorization in grid computing. A high-level granularity access control model needs to be applied to achieve a fine-grained authorization. However, the high-level granularity access control caused high complexity and increased the number of rules that must be checked during the authorization process, which degrade the overall authorization performance. The impact of this problem becomes worst in a grid computing environment due to a large number of users and resource pools in the grid virtual organization (VO). This thesis aims at providing solutions to the problem by introducing an authorization framework, namely the Federated Grid Usage Control (FGUC) with a new ontology-based policy model, namely, the UCON based Access Control Ontology (UBACO), and a new grid authorization algorithm, namely, the Elimination of the Irrelevant Authorization Rules Set (EIARS). UBACO is created with the aim to reduce the comprehensive complexity of the high-level granularity policy model, and EIARS is developed with the aim to reduce the number of checked rules during the authorization process. The quality of UBACO is validated by five human experts, and its comprehensive complexity is measured. Meanwhile, the effect of EIARS in reducing the number of checked rules during the authorization process is evaluated using a simulation technique. The results indicate that, by implementing the UBACO, the weighted comprehensive complexity is reduced by 40.5% as compared to the UCON based policy proposed by Martinelli and Mori (2010). The number of checked rules during the authorization process is reduced by 80% with the EIARS compared to the GAG proposed by Kaiiali et al. (2013). Therefore, it can be concluded that this research has accomplished the aimed objectives.


Download File

[img] Text
FSKTM 2020 8 ir.pdf
Download (1MB)

Additional Metadata

Item Type: Thesis (Doctoral)
Subject: Mathematical optimization
Subject: Algorithms
Subject: Computational grids (Computer systems)
Call Number: FSKTM 2020 8
Chairman Supervisor: Professor Hamidah Ibrahim, PhD
Divisions: Faculty of Computer Science and Information Technology
Depositing User: Mas Norain Hashim
Date Deposited: 23 Jul 2021 02:26
Last Modified: 01 Dec 2021 06:53
URI: http://psasir.upm.edu.my/id/eprint/90345
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item