A dynamic role-based authorization model in grid environment

In large-scale grid environment, the authorization plays a vital role in access control to resources. For the demand of higher dynamicity, complexity and granularity on grid environment, a novel model named dynamic role-based access control (DRBAC) based on RBAC model is presented. DRBAC introduces conceptions of several objects such as rolegraph initial structure, atom role and middle role, and it can automatically adjust the role-graph's structure through dynamically adding new roles or deleting original roles. The authorization mechanism which combines DRBAC model and CAS servers provides an effective method to solve loading and security problems. Theoretical analyses and example demonstrate that it is of high safety and has good time and space complexity when authorizing.