Policy-Driven Access Control Over a Distributed Firewall Architecture

Overview

Motivated by a Grid based scientific application, where a dynamic collection of individuals and institutions are required to share resources to achieve certain goals, this paper propose the synthesis of two lines of research. The first line is Policy-Driven Access Control which treats policies as first-class objects that can be negotiated and tailored to particular roles. The second line is Distributed Firewalls that provide a dynamic and distributed security infrastructure bringing together peer-to-peer collaboration and hierarchical administration. Through this fusion one expects to deliver a scalable, dynamic and distributed method of setting up security infrastructures which has the benefits of allowing peer-to-peer collaboration, whilst maintaining the robustness and re-configurability of systems supplied by the central administration of the security policies.