Mr Riccardo Zappi (INFN-CNAF)
In the near future, data on the order of hundred of Petabytes will be spread in multiple storage systems worldwide dispersed in, potentially, billions of replicated data items. Users, typically, are agnostic about the location of their data and they want to get access by either specifying logical names or using some lookup mechanism. A global namespace is a logical layer that allows the view of data resources independently from the physical location. Usually, the naming scheme is designed to be easily interpreted by humans and it is organized into a purely user-defined directory hierarchy. Within this model, a data resource is uniquely addressed by file name and path. Nevertheless, this hierarchical structures of logical namespace lacks adequate flexibility to manage sophisticated organization of data. In particular the implicit classification of the data item derived from the path is not enough meaningful to classify data objects when different orthogonal dimensions are considered. In this paper we expose an enriched namespace able to support a new type of data access authorization policy based on tags. The tags are organized in well-defined hierarchies providing a simple representation of the domain ontology. Only authorized users can label data resources with different tags taken from the domain tag hierarchies. In this way an overlay of classical hierarchical structure of logical namespace with faceted hierarchical tags provides a semantics classification of data entities. Authorization policies defined in respect of tags are content-aware.