TIRIAC: A trust-driven risk-aware access control framework for Grid environments

• A generic trust-driven risk-aware access control framework is proposed.
• Obligations are used to evaluate users’ trust degrees and mitigate risks.
• Both the negative and positive effects of accesses are considered.
• The adoption of the framework by the European Grid Infrastructure (EGI) is studied.

The infrastructure provided by a Grid enables researchers to collaboratively solve various research problems through sharing their resources and establishing virtual organizations (VOs). However, the distributed and dynamic nature of a Grid VO is a challenge for access control systems. All users in a VO have responsibilities which correspond to their rights. While they should be able to make use of all VO resources, irresponsibility and permission misuse (insider attack) impose costs and losses on the affected resources. Hence, the history of users’ behavior and the possibility of misuse need to be considered in the resource providers’ risk management process. In this paper, we propose the TIRIAC framework for Grid access control. TIRIAC is the first trust-driven risk-aware access control framework which uses obligations to seamlessly monitor users and mitigate risks. In the TIRIAC framework, trust evaluation and risk management are added to the base Grid access control services. Thereafter, site administrators can explicitly specify users’ responsibilities in form of obligations alongside access control rules. In addition, obligation-specific policies can be specified to mitigate risks according to their severity. We study the adoption of our framework by the European Grid Infrastructure (EGI), and demonstrate its superiority in comparison with the related work using multiple criteria. Moreover, we evaluate the performance of the framework and demonstrate its scalability in simulation experiments.