Using VO Concept for Managing Dynamic Security Associations

This research paper presents results of the analysis how the Virtual Organisation (VO) concept can be used for managing dynamic security associations in collaborative applications and for complex resource provisioning. The paper provides an overview of the current practice in VO management at the organisational level and its support at the security middleware level in Grid based applications. The paper identifies open issues and basic requirements to the VO security functionality and services and suggests possible directions of further research and development, in particular, VO management concept, dynamic interdomain trust management for user-controlled applications, multi-domain policy decision and security context management. Proposed conceptual VO model addresses VO management issues and VO security services operation. The paper is based on experiences gained from the major Grid based and Grid oriented projects in collaborative applications and complex resource provisioning.