Research On Secure And Consistent Authorization For Replicated Data In The Grid Environment

A Grid is a system that coordinates resources that are not subject to centralized control, using standard, open, general-purpose protocols and interfaces to deliver nontrivial qualities of service. A Grid is a complex environment with the characteristics of large-scale, high-rate, distributed, heterogeneous, dynamic, various, autonomous and multi-management so that it introduces challenging more security issues. In essence, the Grid computing is concerned with the sharing and coordinated use of resources as well as resolving problems collaboratively in dynamic and heterogeneous "virtual organizations". In the course of muli-user coordinating for a task, it is needed to replicate data from distance to a local domain or distribute some data to other users. There isn't an effective solution in existed authorization system to retain consistent policies of distributed data versions. This thesis does some deep discussion and analyzation about existed authorization frameworks and systems as well as this problem. Based on the open-source Grid project named "Globus" and its authorization system named "CAS", this thesis improves existed authorization frameworks, then proposes a fresh authorization framework, and designs corresponding secure mechanism and policies, and makes intra-domain and inter-domain solutions so as to resolve the problem of keeping consistent policies of replicated data in the Grid environment.