Interactive access control with Trust Management for pervasive autonomic Networks

The fellowship targets autonomic networks with main feature on demand federation of resources, and on demand integration of services in response to a request or a goal. An autonomic network is composed of entities with heterogeneous systems and with no unified security requirements. Each entity is responsible for the management and enforcement of its own security settings.

The goal of the project is to provide a novel access control model that leverages on demand federation of services and resources in highly dynamic environments. Two research directions are addressed - an access control model for bilateral automated negotiation of access rights, and an access control model for dynamic coalition formations based on multilateral semantic interoperability of credentials.

Theoretical formulation of an interactive access control model, its implementation and quantitative assessment has been successfully performed. A negotiation scheme for automated access rights establishment has been developed, implemented and tested. It has been successfully released a first version of an IACCESS prototype for automated trust negotiation. The prototype conforms to X.509 and SAML standards. Software libraries have been released under the GNU Lesser General Public License.

The IACCESS software has been successfully integrated within a Grid monitoring system, leading to a new credential-based authorisation system for Grid. The novelty of the system is its granularity of authorisation: a coarse-grained level controls access to computational services; and a fine-grained level monitors the behaviour of applications executed by a computational service. The system guarantees that users (and their applications) authorised on the coarse-grained level behave as expected on the fine-grained level.

It has been defined a new research line on a new platform-driven approach for scalable and interoperable access control for highly dynamic coalition formations. Dynamic coalitions allow small and medium enterprises to be more innovative and competitive in the market, adapting to new opportunities in a dynamic business environment. The research investigated on necessary underlying access control models and technologies allowing for automated coalition formation and operation. The challenge ahead is to facilitate consistent access control process within a coalition formation considering the heterogeneity of security models and requirements protecting partners' resources.