| Grid problem [FKT+01] is defined as flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources. This indicates that one important feature of grid file sharing is the ability to cross multiple institutions or administrative domains to end-users. A problem which has few related work, but radically restricts file resource sharing in wide-area environment is: Conventional computational systems organize file-resources into administrative domains, accessing files in different administrative domains is constrained by varying naming and access control mechanisms. We bring forward an owner-centric grid file sharing model,this modal can make user slip the leash of administrative domains, consistently access the files distributed in different administrative domains.Firstly we provide an overview of the characteristics of grid and Vega Grid Architecture, then we analyze the existent problems to implement a grid-level file system and related work in detail.Resource sharing and security are tightly correlative, security is the foundation of resource sharing, and resource sharing is the goal of security. We analyze the characteristics of grid file sharing from security's point of view, present and define the concept of owner-centric file sharing mechanism. An important hypothesis behind this mechanism is: If A explicitly shares a resource with B, A is not only trusts B to use the resource responsibly, but also trusts B's discretion in how he further shares the resource. Maximal Discretionary Access Control (MDAC) is the access control policy of owner-centric file sharing mechanism in grid environment, we define MDAC based on the method of BLP model.Based on the analysis of owner-centric file sharing mechanism, we abstract an owner-centric file sharing model, this model offers grid an optional resource sharing policy. By dividing resource ownership into logic ownership and physical ownership, owner-centric file sharing model organizes physical resources and logic resources into owner-objects which are independent of administrative domains. By integrating model with Vega Grid Resource Router, owner-centric file sharing model can locate resources efficiently. Owner-centric file sharing model is the base of resources organizing, management and authorization of owner-centric file sharing mechanism. It solves the problem of logic resource organizing in different share node.In traditional computational system, the native file system is bound to local operating system, the UIDs and GIDs that identify the owner of files are centralized managed by local operating system. Because the UIDs and GIDs have no cross-domain abilities, the native file system can't own such abilities naturally. We propose to identify file-owner by a global unique public key, and extend the native file system to tightly bind the file-owner's public key to its files. In this way, we detach native file system from the management of local operating system, provide file system with the cross-domain file sharing ability.Based on these researchs, we design and implement a grid-level file system prototype under linux called VegaFS. The major difference between VegaFS and related researchs is that: VegaFS identifies the ownership of files by means of the tight binding between file-owner's...
|
PDF Full Text Request