Group membership management framework for decentralized collaborative systems

• Autorzy: Opioła Łukasz , Jarosz Kamil , Dutka Łukasz , Słota Renata G. , Kitowski Jacek

Identyfikatory

DOI

10.7494/csci.2022.23.4.4642

• Języki publikacji: EN

Abstrakty

EN

Scientific and commercial endeavors could benefit from cross-organizational, decentralized collaboration, which becomes the key to innovation. This work addresses one of its challenges, namely efficient access control to assets for distributed data processing among autonomous data centers. We propose a group membership management framework dedicated for realizing access control in decentralized environments. Its novelty lies in a synergy of two concepts: a decentralized knowledge base and an incremental indexing scheme, both assuming a P2P architecture, where each peer retains autonomy and has full control over the choice of peers it cooperates with. The extent of exchanged information is reduced to the minimum required for user collaboration and assumes limited trust between peers. The indexing scheme is optimized for read-intensive scenarios by offering fast queries – look-ups in precomputed indices. The index precomputation increases the complexity of update operations, but their performance is arguably sufficient for large organizations, as shown by conducted tests. We believe that our framework is a major contribution towards decentralized, cross-organizational collaboration.

Słowa kluczowe

EN

group membership management; decentralized system; decentralized collaboration; coordination middleware

• Wydawca: Wydawnictwa AGH
• Czasopismo: Computer Science
• Rocznik: 2022
• Tom: T. 23 (4)
• Strony: 521--544
• Opis fizyczny: Bibliogr. 35 poz., rys., tab.

Twórcy

autor

Opioła Łukasz

• AGH University of Science and Technology, Academic Computer Centre CYFRONET AGH, Krakow, Poland

autor

Jarosz Kamil

• AGH University of Science and Technology, Faculty of Computer Science, Electronics and Telecommunications, Institute of Computer Science, Krakow, Poland

autor

Dutka Łukasz

• AGH University of Science and Technology, Academic Computer Centre CYFRONET AGH, Krakow, Poland

autor

Słota Renata G.

• AGH University of Science and Technology, Faculty of Computer Science, Electronics and Telecommunications, Institute of Computer Science, Krakow, Poland

autor

Kitowski Jacek

• AGH University of Science and Technology, Faculty of Computer Science, Electronics and Telecommunications, Institute of Computer Science, Krakow, Poland
• AGH University of Science and Technology, Academic Computer Centre CYFRONET AGH, Krakow, Poland

Bibliografia

• [1] Adams W., Davis N.: Toward a decentralized trust-based access control system for dynamic collaboration. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp. 317–324, 2005. doi: 10.1109/IAW.2005. 1495969.
• [2] CERN Personnel Statistics 2021. https://cds.cern.ch/record/2809746/files/CERNHR-STAFF-STAT-2021-RESTR.pdf.
• [3] Chatalic P., de Amorim Fonseca A.: A Multi-Layered Architecture for Collaborative and Decentralized Consequence Finding, Computing and Informatics, vol. 34(1), pp. 210–232, 2015.
• [4] Craß S., Joskowicz G., K¨uhn E.: A Decentralized Access Control Model for Dynamic Collaboration of Autonomous Peers. In: B. Thuraisingham, X. Wang, V. Yegneswaran (eds.), Security and Privacy in Communication Networks. SecureComm 2015, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 164, pp. 519–537, Springer, Cham, 2015. doi: 10.1007/978-3-319-28865-9 28.
• [5] Di Francesco Maesa D., Mori P., Ricci L.: Blockchain Based Access Control Services. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1379–1386, 2018. doi: 10.1109/Cybermatics 2018.2018.00237.
• [6] Do H., Ng W.K.: Secure reachability query on private shared graphs. In: IEEE Ninth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), pp. 1–6, 2014.
• [7] Draghici A., Burloiu C.A., Deaconescu R., Karlsson M., M¨uller D.: Teamwork: A Decentralized, Secure and Portable Team Management System. In: 12th International Symposium on Parallel and Distributed Computing, pp. 182–189, 2013.
• [8] Foster I.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. In: R. Sakellariou, J. Gurd, L. Freeman, J. Keane (eds.), Euro-Par 2001 Parallel Processing, Lecture Notes in Computer Science, vol. 2150, pp. 1–4, Springer, Berlin–Heidelberg, 2001. doi: 10.1007/3-540-44681-8 1.
• [9] Frigioni D., Miller T., Nanni U., Zaroliagis C.: An Experimental Study of Dynamic Algorithms for Transitive Closure, ACM Journal of Experimental Algorithmics, vol. 6, p. 9–50, 2001. doi: 10.1145/945394.945403.
• [10] Public Github repository with the gmm-indexer prototype and scripts. https://github.com/kjarosh/agh-gmmf-prototype.
• [11] Internet2’s Grouper. https://incommon.org/software/grouper.
• [12] Jemielniak D., Przegalinska A.: Collaborative society, MIT Press, 2020.
• [13] Jin H., Qiang W., Shi X., Zou D.: VO-Sec: An Access Control Framework for Dynamic Virtual Organization. In: C. Boyd, J.M. Gonz´alez Nieto (eds.), Information Security and Privacy, Lecture Notes in Computer Science, vol. 3574, pp. 370–381, Springer, Berlin–Heidelberg, 2005. doi: 10.1007/11506157 31.
• [14] Jung E.: A Decentralized Access Control Model for IoT with DID. In: H. Kim, K.J. Kim (eds.), IT Convergence and Security, Lecture Notes in Electrical Engineering, vol. 712, pp. 141–148, Springer, Singapore, 2021. doi: 10.1007/ 978-981-15-9354-3 14.
• [15] Khan R., Hasan R.: MIDEP: Multiparty Identity Establishment Protocol for Decentralized Collaborative Services. In: IEEE International Conference on Services Computing, pp. 546–553, 2015.
• [16] Lightweight Directory Access Protocol (LDAP). https://ldap.com.
• [17] Lenko V., Kunanets N., Pasichnyk V., Shcherbyna Y.M.: Decentralized Blockchain-based platform for collaboration in virtual scientific communities, ECONTECHMOD, vol. 8(1), pp. 21–26, 2019.
• [18] Lorch M., Kafura D.: Supporting Secure Ad-hoc User Collaboration in Grid Environments. In: Grid Computing – GRID 2002, Lecture Notes in Computer Science, vol. 2536, pp. 181–193, Springer, Berlin–Heidelberg, 2002. doi: 10.1007/ 3-540-36133-2 16.
• [19] Men R.: Research on access control method of Digital Archives based on blockchain, Journal of Physics: Conference Series, vol. 1550, 2020. doi: 10.1088/ 1742-6596/1550/6/062021.
• [20] Microsoft Azure Active Directory. https://azure.microsoft.com/en-us/services/ active-directory.
• [21] Opio la L., Dutka L., S lota R.G., Kitowski J.: Trust-driven, Decentralized Data Access Control for Open Network of Autonomous Data Providers. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST), pp. 1–10, 2018.
• [22] Quinn K., Kenny A., Feeney K., Lewis D., O’Sullivan D., Wade V.: A Framework for the Decentralisation and Management of Collaborative Applications in Ubiquitous Computing Environments. In: 2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006, pp. 1–4, 2006. doi: 10.1109/NOMS. 2006.1687677.
• [23] Roditty L., Zwick U.: Improved dynamic reachability algorithms for directed graphs. In: The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings, pp. 679–688, 2002. doi: 10.1109/SFCS.2002.1181993.
• [24] Roditty L., Zwick U.: A Fully Dynamic Reachability Algorithm for Directed Graphs with an Almost Linear Update Time, SIAM Journal on Computing, vol. 45(3), pp. 712–733, 2016. doi: 10.1137/13093618X.
• [25] Schwagereit F., Scherp A., Staab S.: Representing Distributed Groups with dgFOAF. In: The Semantic Web: Research and Applications, vol. 6089, pp. 181–195, 2010.
• [26] Seufert S., Anand A., Bedathur S., Weikum G.: FERRARI: Flexible and efficient reachability range assignment for graph indexing. In: 2013 IEEE 29th International Conference on Data Engineering (ICDE), pp. 1009–1020, 2013.
• [27] Shiny S., Jasper J.: Decentralized access control technique with multi-tier authentication of user for cloud storage, Peer-to-Peer Networking and Applications, pp. 1–15, 2021.
• [28] Svirskas A., Ignatiadis I., Roberts B., Wilson M.: Virtual Organization Management Using Web Service Choreography And Software Agents. In: NetworkCentric Collaboration and Supporting Frameworks, pp. 535–542, Springer US, Boston, MA, 2006.
• [29] Tosic A., Vicic J.: A Decentralized Authoritative Multiplayer Architecture for Games on the Edge, Computing and Informatics, vol. 40(3), pp. 522–542, 2021.
• [30] Travica B.: The Design of the Virtual Organization: A Research Model. In: AMCIS 1997 Proceedings, 1997.
• [31] Viet Dung D.: Coalition Formation and Operation in Virtual Organisations, Ph.D. thesis, University of Southampton, School of Electronics and Computer Science, 2004. https://eprints.soton.ac.uk/260239/.
• [32] Wognum N., Faber E.C.C.: Infrastructures for collaboration in virtual organisations, International Journal of Networking and Virtual Organisations, vol. 1(1), pp. 32–54, 2002. doi: 10.1504/IJNVO.2002.001462.
• [33] Wrzeszcz M., Dutka L., S lota R.G., Kitowski J.: New approach to global data access in computational infrastructures, Future Generation Computer Systems, vol. 125, pp. 575–589, 2021. doi: https://doi.org/10.1016/j.future.2021.06.054.
• [34] Xhafa F., Poulovassilis A.: Requirements for Distributed Event-Based Awareness in P2P Groupware Systems. In: 24th IEEE International Conference on Advanced Information Networking and Applications Workshops, pp. 220–225, 2010.
• [35] Yeung C.A., Liccardi I., Lu K., Seneviratne O., Berners-Lee T.: Decentralization: The future of online social networking. In: W3C Workshop on the Future of Social Networking Position Papers, pp. 2–7, 2009.

Uwagi

PL

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).