Abstract : Currently, collaboration is a major challenge in adopting cloud Infrastructure-as-a-Service (IaaS). Enterprise work-flow intrinsically mandates collaboration across its tenant boundaries as well as with associated organizations’ tenants in the cloud. In this paper, we investigate a Circle-of-Trust approach where tenants establish trust within a circle of tenants for the purpose of collaboration. We present a novel extension of role-centric access control models to provide collaboration in the context of homogeneous and heterogeneous circles. In a homogeneous circle, our approach allows tenants to equally assert cross-tenant user assignments to enable access to shared resources. In a circle with non-uniform tenants, attributes are added to distinguish user-assignments where tenants are differentiated by type in the heterogeneous circle. Particularly, tenant-trust relation is established within a group of tenants authorizing user-role assignments across tenants.
Silvio Ranise; Vipin Swarup. 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2016, Trento, Italy. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9766, pp.106-121, 2016, Data and Applications Security and Privacy XXX. 〈10.1007/978-3-319-41483-6_8〉
https://hal.inria.fr/hal-01633665
Contributeur : Hal Ifip
<>
Soumis le : lundi 13 novembre 2017 - 11:45:49
Dernière modification le : lundi 13 novembre 2017 - 11:48:32
Document(s) archivé(s) le : mercredi 14 février 2018 - 13:57:47
Navid Pustchi, Ravi Sandhu. Role-Centric Circle-of-Trust in Multi-tenant Cloud IaaS. Silvio Ranise; Vipin Swarup. 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2016, Trento, Italy. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9766, pp.106-121, 2016, Data and Applications Security and Privacy XXX. 〈10.1007/978-3-319-41483-6_8〉. 〈hal-01633665〉
