Role-Centric Circle-of-Trust in Multi-tenant Cloud IaaS
Authors
Abstract
Currently, collaboration is a major challenge in adopting cloud Infrastructure-as-a-Service (IaaS). Enterprise work-flow intrinsically mandates collaboration across its tenant boundaries as well as with associated organizations’ tenants in the cloud. In this paper, we investigate a Circle-of-Trust approach where tenants establish trust within a circle of tenants for the purpose of collaboration. We present a novel extension of role-centric access control models to provide collaboration in the context of homogeneous and heterogeneous circles. In a homogeneous circle, our approach allows tenants to equally assert cross-tenant user assignments to enable access to shared resources. In a circle with nonuniform tenants, attributes are added to distinguish user-assignments where tenants are differentiated by type in the heterogeneous circle. Particularly, tenant-trust relation is established within a group of tenants authorizing user-role assignments across tenants.
Similar resources
MT-ABAC: A Multi-Tenant Attribute-Based Access Control Model with Tenant Trust
A major barrier to the adoption of cloud Infrastructure-as-a-Service (IaaS) is collaboration, where multiple tenants engage in collaborative tasks requiring resources to be shared across tenant boundaries. Currently, cloud IaaS providers focus on multi-tenant isolation, and offer limited or no cross-tenant access capabilities in their IaaS APIs. In this paper, we present a novel attribute-based ...
Authorization Federation in Multi-tenant Multi-cloud Iaas Approved by Supervising Committee:
High Level Security Trust Zones for Private Clouds
The vulnerability of Cloud Computing Systems (CCSs) to Advanced Persistent Threats (APTs) is significant. So a cloud architecture reference model that incorporates a wide range of security controls and best practices, and a cloud security assessment model – Cloud-Trust – that estimates high level security metrics to quantify the degree of confidentiality and integrity offered by a CCS or cloud ...
Traffic and Failure Aware VM Placement for Multi-tenant IaaS Cloud
In an infrastructure as a service (IaaS) cloud, tenants want to receive reliable services and the cloud provider intends to reduce intra-network traffic in order to provide more services. Achieving the requirements of both sides is a challenging problem. Current tenant abstraction models cannot provide enough information for the cloud provider to optimize network traffic while satisfying reli...
Jobber: Automating Inter-Tenant Trust in the Cloud
Today, a growing number of users are opting to move their systems and services from self-hosted data centers to cloud-hosted IaaS offerings. These users wish to both benefit from the efficiencies that shared multitenant hosting can offer while still retaining or improving the kinds of security and control afforded by self-hosted solutions. In this paper, we present Jobber: a highly autonomous m...