A Model for Usage Policy-based Resource Allocation in Grids

Catalin L. Dumitrescu
Dept. of Computer Science
The University of Chicago
catalind@cs.uchicago.edu

Michael Wilde
Math and CS Division
Argonne Natl. Laboratory & University of Chicago

Ian Foster
Math and CS Division
Argonne Natl. Laboratory & University of Chicago

Abstract

Challenging usage policy issues can arise within virtual organizations (VOs) that integrate participants and resources spanning multiple physical institutions. Participants may wish to delegate to one or more VOs the right to use certain resources subject to local policy and service level agreements; each VO then wishes to use those resources subject to VO policy. How are such local and VO policies to be expressed, discovered, interpreted, and enforced? As a first step to addressing these questions, we develop and evaluate policy management solutions within a specialized context, namely scientific data grids within which the resources to be shared are computers and storage. We propose an architecture and recursive policy model, and define roles and functions, for scheduling resources in grid environments while satisfying resource owner and VO policies.

1. Introduction

We consider scenarios in which providers wish to grant to consumers the right to use certain resources for some agreed-upon time period. Providers might be companies providing outsourcing services, or scientific laboratories that provide different collaborations with access to their computing resources. Providers and consumers may be nested: a provider may function as a middleman, providing access to resources to which the provider has itself been granted access by some other provider.

Usage policy issues can arise at multiple levels in such scenarios. Providers want to express (and enforce) the policies under which resources are made available to consumers.
Consumers want to access and interpret policy statements published by providers, in order to monitor their agreements and guide their activities. Both providers and consumers want to verify that policies are applied correctly. In summary, we are interested in the expression, publication, discovery, enforcement, and verification of policies, at both resource provider and consumer levels.

We report here on work that addresses these issues within a specific problem domain, namely the distributed analysis of large quantities of scientific data [1]. In so-called “data grids,” we have a three-level structure in which individual scientists and sites provide resources (computers, storage, and networks) to scientific collaborations that in turn provide resources to their members. Providers and consumers negotiate service level agreements (SLAs) to establish what resources providers make available for consumer use. VOs must then allocate aggregate resources provided by different owners to different VO purposes, and orchestrate distributed data analyses to use those aggregated resources efficiently.

This problem encompasses challenging and interrelated policy, scheduling, and security issues. We focus here on policy issues, although from a scheduling perspective. Specifically, we seek to address the following questions: “How are usage policies enforced at the resource and VO level?”, “What strategies must a VO deploy to ensure usage policy enforcement?”, “How are usage policies distributed to enforcement points?”, and “How are usage policies made available to VO job and data planners?”

In addressing these questions, we build on previous work concerning the specification and enforcement of local resource scheduling policies [2,3,4,5,6]; the negotiation of SLAs with remote resource sites [7,8]; and expressing and managing VO usage policies [9]. We extend this work to Grid environments, such as Grid3 [10], which are composed of sites, VOs, VO groups and other entities.

2. Problem Statement

The grids that we target in this work may comprise hundreds of institutions and thousands of individual investigators that collectively control tens or hundreds of thousands of computers and associated storage systems [11,12]. Each individual investigator and