Towards Continuous Usage Control on Grid Computational Services

Security in the grid environment is a challenging issue, because this environment instantiates interactions among a set of possibly unknown entities where no trust relationships may exist a priori, or when such relationships are not strong enough for specific applications. In this paper we propose to integrate a local monitor into the grid computational service architecture, to control the behavior of applications executed on behalf of grid users. Our approach is inspired to the concept of continuous usage control rather then simply access control to monitor the security relevant interactions of these applications with the requested services. We also describe the prototype of computational service monitor we have developed and its integration within the Globus framework.