MC-ABAC: An ABAC-based Model for Collaboration in Multi-Cloud Environment
نویسندگان
چکیده
Collaborative systems allow a group of organizations to collaborate and complete shared tasks through distributed platforms. Organizations who often leverage cloud-based solutions outsource their data benefit from the cloud capabilities. During such collaborations, tenants require access utilize resources held by other collaborating tenants, which are hosted across multiple providers. Ensuring control in collaborative application is crucial problem that needs be addressed, particularly multi-cloud environment. This paper presents Multi-Cloud ABAC: MC-ABAC model, an extension Attribute Based Access Control suitable for ensuring secure collaboration cross-tenant The introduces notions tenant, customer service provider as fundamental entities within model. Additionally, it incorporates trust relations enable resource sharing among To demonstrate its feasibility, we have implemented model using Python technology.
منابع مشابه
Strategies for Incorporating Delegation into Attribute-Based Access Control (ABAC)
Attribute-Based Access Control (ABAC) is an emerging model of access control that has gained significant interest in both recent academic literature and industry application. However, to date there have been almost no attempts to incorporate the concept of dynamic delegation into ABAC. This work lays out a number of possible strategies for incorporating delegation into existing ABAC models and ...
متن کاملMT-ABAC: A Multi-Tenant Attribute-Based Access Control Model with Tenant Trust
A major barrier to the adoption of cloud Infrastructure-as-aService (IaaS) is collaboration, where multiple tenants engage in collaborative tasks requiring resources to be shared across tenant boundaries. Currently, cloud IaaS providers focus on multi-tenant isolation, and offer limited or no cross-tenant access capabilities in their IaaS APIs. In this paper, we present a novel attribute-based ...
متن کاملABAC - Ein Referenzmodell für attributbasierte Zugriffskontrolle
Moderne Anwendungen aus dem Bereich des e-Commerce, sowie Enterpriseund e-Government-Portale bringen aufgrund der Vielzahl höchst heterogener Benutzer und der Diversität der Informationsressourcen die Notwendigkeit für flexible Autorisierungsund Zugriffskontrollverfahren mit sich. Für den Zugriff auf derartige Anwendungen ist sicherzustellen, dass Benutzer die notwendigen Berechtigungen besitze...
متن کاملAligning ABAC Policies with Information Security Policies using Controlled Vocabulary
Attribute-based Access Control (ABAC) policies are based on mutually processable policy attributes. Assigned permissions in such policies need to be reflected or combined with organisational constraints. Best practice in information security dictates having the operational need to access a particular information artifact independent from the function of the specific application systems. Consequ...
متن کاملSecure Protocol of ABAC Certificates Revocation and Delegation
This paper deals with the maintenance of PKI certificates for Attribute Based Access Control (ABAC). We show, that the current standard has several problems in different revocation and delegation processes. This may lead to a security hole allowing usage of ABAC certificates, when it was revoked or transferred. As a solution we suggest architecture changes, that allow to perform revocation and ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Advanced Computer Science and Applications
سال: 2023
ISSN: ['2158-107X', '2156-5570']
DOI: https://doi.org/10.14569/ijacsa.2023.01406126