TY - GEN
T1 - ACaaS
T2 - 2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013
AU - Wu, Ruoyu
AU - Zhang, Xinwen
AU - Ahn, Gail-Joon
AU - Sharifi, Hadi
AU - Xie, Haiyong
PY - 2013
Y1 - 2013
N2 - Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.
AB - Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructureas-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-grained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS.
KW - Access control
KW - Cloud computing
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=84893571256&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893571256&partnerID=8YFLogxK
U2 - 10.1109/SocialCom.2013.66
DO - 10.1109/SocialCom.2013.66
M3 - Conference contribution
AN - SCOPUS:84893571256
SN - 9780769551371
T3 - Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013
SP - 423
EP - 428
BT - Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013
Y2 - 8 September 2013 through 14 September 2013
ER -