ACaaS

Access control as a service for IaaS cloud

Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn, Hadi Sharifi, Haiyong Xie

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Citations (Scopus)

Abstract

Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.

Original languageEnglish (US)
Title of host publicationProceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013
Pages423-428
Number of pages6
DOIs
StatePublished - 2013
Event2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013 - Washington, DC, United States
Duration: Sep 8 2013Sep 14 2013

Other

Other2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013
CountryUnited States
CityWashington, DC
Period9/8/139/14/13

Fingerprint

Access control
Web services
Outsourcing
Service oriented architecture (SOA)
Industry

Keywords

  • Access control
  • Cloud computing
  • Security

ASJC Scopus subject areas

  • Software

Cite this

Wu, R., Zhang, X., Ahn, G-J., Sharifi, H., & Xie, H. (2013). ACaaS: Access control as a service for IaaS cloud. In Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013 (pp. 423-428). [6693363] https://doi.org/10.1109/SocialCom.2013.66

ACaaS : Access control as a service for IaaS cloud. / Wu, Ruoyu; Zhang, Xinwen; Ahn, Gail-Joon; Sharifi, Hadi; Xie, Haiyong.

Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013. 2013. p. 423-428 6693363.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Wu, R, Zhang, X, Ahn, G-J, Sharifi, H & Xie, H 2013, ACaaS: Access control as a service for IaaS cloud. in Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013., 6693363, pp. 423-428, 2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013, Washington, DC, United States, 9/8/13. https://doi.org/10.1109/SocialCom.2013.66
Wu R, Zhang X, Ahn G-J, Sharifi H, Xie H. ACaaS: Access control as a service for IaaS cloud. In Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013. 2013. p. 423-428. 6693363 https://doi.org/10.1109/SocialCom.2013.66
Wu, Ruoyu ; Zhang, Xinwen ; Ahn, Gail-Joon ; Sharifi, Hadi ; Xie, Haiyong. / ACaaS : Access control as a service for IaaS cloud. Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013. 2013. pp. 423-428
@inproceedings{19ae71aefff94b2e8e976dfbec7df081,
title = "ACaaS: Access control as a service for IaaS cloud",
abstract = "Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.",
keywords = "Access control, Cloud computing, Security",
author = "Ruoyu Wu and Xinwen Zhang and Gail-Joon Ahn and Hadi Sharifi and Haiyong Xie",
year = "2013",
doi = "10.1109/SocialCom.2013.66",
language = "English (US)",
isbn = "9780769551371",
pages = "423--428",
booktitle = "Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013",

}

TY - GEN

T1 - ACaaS

T2 - Access control as a service for IaaS cloud

AU - Wu, Ruoyu

AU - Zhang, Xinwen

AU - Ahn, Gail-Joon

AU - Sharifi, Hadi

AU - Xie, Haiyong

PY - 2013

Y1 - 2013

N2 - Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.

AB - Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.

KW - Access control

KW - Cloud computing

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84893571256&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84893571256&partnerID=8YFLogxK

U2 - 10.1109/SocialCom.2013.66

DO - 10.1109/SocialCom.2013.66

M3 - Conference contribution

SN - 9780769551371

SP - 423

EP - 428

BT - Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013

ER -