Abstract : Currently, collaboration is a major challenge in adopting cloud Infrastructure-as-a-Service (IaaS). Enterprise work-flow intrinsically mandates collaboration across its tenant boundaries as well as with associated organizations’ tenants in the cloud. In this paper, we investigate a Circle-of-Trust approach where tenants establish trust within a circle of tenants for the purpose of collaboration. We present a novel extension of role-centric access control models to provide collaboration in the context of homogeneous and heterogeneous circles. In a homogeneous circle, our approach allows tenants to equally assert cross-tenant user assignments to enable access to shared resources. In a circle with non-uniform tenants, attributes are added to distinguish user-assignments where tenants are differentiated by type in the heterogeneous circle. Particularly, tenant-trust relation is established within a group of tenants authorizing user-role assignments across tenants.
https://hal.inria.fr/hal-01633665 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Monday, November 13, 2017 - 11:45:49 AM Last modification on : Monday, November 13, 2017 - 11:48:32 AM Long-term archiving on: : Wednesday, February 14, 2018 - 1:57:47 PM
Navid Pustchi, Ravi Sandhu. Role-Centric Circle-of-Trust in Multi-tenant Cloud IaaS. 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2016, Trento, Italy. pp.106-121, ⟨10.1007/978-3-319-41483-6_8⟩. ⟨hal-01633665⟩