ACaaS: Access control as a service for IaaS cloud

Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn, Hadi Sharifi, Haiyong Xie

Research output: Chapter in Book/Report/Conference proceedingConference contribution

13 Scopus citations

Abstract

Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.

Original languageEnglish (US)
Title of host publicationProceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013
Pages423-428
Number of pages6
DOIs
StatePublished - Dec 1 2013
Event2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013 - Washington, DC, United States
Duration: Sep 8 2013Sep 14 2013

Publication series

NameProceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013

Other

Other2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013
CountryUnited States
CityWashington, DC
Period9/8/139/14/13

    Fingerprint

Keywords

  • Access control
  • Cloud computing
  • Security

ASJC Scopus subject areas

  • Software

Cite this

Wu, R., Zhang, X., Ahn, G-J., Sharifi, H., & Xie, H. (2013). ACaaS: Access control as a service for IaaS cloud. In Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013 (pp. 423-428). [6693363] (Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013). https://doi.org/10.1109/SocialCom.2013.66