SVOPME: A Scalable Virtual Organization Privilege Management Environment
Small Business Information
5621 Arapahoe Avenue, Suite A, Boulder, CO, 80303
AbstractAlthough modern Grid middleware is beginning to support role-based authorization, there is an information disconnect in existing mechanisms between Virtual Organizations (VOs) and site authorization control. This disconnect prevents privilege policies deÂ¿ned by VOs from propagating to Grid sites automatically. As more VOs are joining the Grid, manually maintaining and administratÂing VOs and grid sites becomes very costly. This project will develop SVOPME for automating the propagation of VO privileges to Grid sites. It will utilize the extensible Access Control Markup Language(XACML) for specifying VO privilege policies and will develop tools and services to facilitate the functionality. The Phase I project successfully developed a set of prototype tools for SVOPME that support 3 VO privilege policies as examples. It demonstrated how SVOPME helps VO deÂ¿ne and document VO privilege policies and how SVOPME propagates these policies from VOs to Grid site and supports automatic validation and modiÂ¿cation of local conÂ¿gurations. The Phase II project will focus on enhancing the usability and commercialization of the tools. Commercial Applications and other Benefits as described by the awardee: An integrated and robust privilege management environment, like SVOPME, is a key addition to operating a Grid computing environment. SVOPME will reduce the cost in managing both the VOs and shared resources, making the Grid easier to use and operate.
* information listed above is at the time of submission.