Name
Abstract | ||
|---|---|---|
Cloud computing is an emerging paradigm to offer on-demand IT services to customers. The access control to resources located in the cloud is one of the critical aspects to enable business to shift into the cloud. Some recent works provide access control models suitable for the cloud; however there are important shortages that need to be addressed in this field. This work presents a step forward in the state-of-the-art of access control for cloud computing. We describe a high expressive authorization model that enables the management of advanced features such as role-based access control (RBAC), hierarchical RBAC (hRBAC), conditional RBAC (cRBAC) and hierarchical objects (HO). The access control model takes advantage of the logic formalism provided by the Semantic Web technologies to describe both the underlying infrastructure and the authorization model, as well as the rules employed to protect the access to resources in the cloud. The access control model has been specially designed taking into account the multi-tenancy nature of this kind of environment. Moreover, a trust model that allows a fine-grained definition of what information is available for each particular tenant has been described. This enables the establishment of business alliances among cloud tenants resulting in federation and coalition agreements. The proposed model has been validated by means of a proof of concept implementation of the access control system for OpenStack with promising performance results. ¿ Advanced multi-tenancy authorization system. ¿ Advanced features such as RBAC, hierarchical-RBAC and conditional-RBAC. ¿ Novel trust model proposed enabling a federated cloud environment. ¿ Implementation for OpenStack has validated the proposal. ¿ Performance statistics of the system integrated in OpenStack has been proposed. |
Year | DOI | Venue |
|---|---|---|
2014 | 10.1016/j.future.2012.05.011 | Future Generation Comp. Syst. |
Keywords | Field | DocType |
semantic-aware multi-tenancy authorization system,access control system,access control model,cloud tenant,authorization model,high expressive authorization model,role-based access control,trust model,cloud computing,cloud architecture,access control,semantic web,multi tenancy | Computer science,Computer security,Authorization,Semantic Web,Role-based access control,Multitenancy,Access control,Formalism (philosophy),Economic shortage,Distributed computing,Cloud computing | Journal |
Volume | Issue | ISSN |
32 | C | 0167-739X |
Citations | PageRank | References |
12 | 0.59 | 16 |
Authors | ||
6 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jorge Bernal Bernabé | 1 | 148 | 18.98 |
| Juan M. Marin Perez | 2 | 25 | 1.27 |
| Jose M. Alcaraz Calero | 3 | 331 | 37.37 |
| Félix J. García Clemente | 4 | 123 | 19.79 |
| Gregorio Martinez Perez | 5 | 118 | 14.65 |
| Antonio F. Gomez Skarmeta | 6 | 26 | 4.11 |