Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)

Qiong Zuo, Meiyi Xie, Wei Tek Tsai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages211-216
Number of pages6
ISBN (Print)9781479982615
DOIs
StatePublished - Apr 29 2015
Event2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015 - Taichung, Taiwan, Province of China
Duration: Mar 25 2015Mar 27 2015

Other

Other2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015
CountryTaiwan, Province of China
CityTaichung
Period3/25/153/27/15

Fingerprint

Access control

Keywords

  • Multi-Tenancy Architecture (MTA)
  • Rolebased Access Control (RBAC) Model
  • Software-as-a-Service (SaaS)
  • Sub-Tenancy Architecture (STA)
  • Tenant-based Access Control Model

ASJC Scopus subject areas

  • Artificial Intelligence
  • Control and Systems Engineering

Cite this

Zuo, Q., Xie, M., & Tsai, W. T. (2015). Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). In Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015 (pp. 211-216). [7098261] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISADS.2015.47

Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). / Zuo, Qiong; Xie, Meiyi; Tsai, Wei Tek.

Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 211-216 7098261.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Zuo, Q, Xie, M & Tsai, WT 2015, Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). in Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015., 7098261, Institute of Electrical and Electronics Engineers Inc., pp. 211-216, 2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015, Taichung, Taiwan, Province of China, 3/25/15. https://doi.org/10.1109/ISADS.2015.47
Zuo Q, Xie M, Tsai WT. Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). In Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 211-216. 7098261 https://doi.org/10.1109/ISADS.2015.47
Zuo, Qiong ; Xie, Meiyi ; Tsai, Wei Tek. / Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 211-216
@inproceedings{3da838af5cf7457a82af327421236682,
title = "Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)",
abstract = "Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.",
keywords = "Multi-Tenancy Architecture (MTA), Rolebased Access Control (RBAC) Model, Software-as-a-Service (SaaS), Sub-Tenancy Architecture (STA), Tenant-based Access Control Model",
author = "Qiong Zuo and Meiyi Xie and Tsai, {Wei Tek}",
year = "2015",
month = "4",
day = "29",
doi = "10.1109/ISADS.2015.47",
language = "English (US)",
isbn = "9781479982615",
pages = "211--216",
booktitle = "Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)

AU - Zuo, Qiong

AU - Xie, Meiyi

AU - Tsai, Wei Tek

PY - 2015/4/29

Y1 - 2015/4/29

N2 - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.

AB - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.

KW - Multi-Tenancy Architecture (MTA)

KW - Rolebased Access Control (RBAC) Model

KW - Software-as-a-Service (SaaS)

KW - Sub-Tenancy Architecture (STA)

KW - Tenant-based Access Control Model

UR - http://www.scopus.com/inward/record.url?scp=84937231677&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84937231677&partnerID=8YFLogxK

U2 - 10.1109/ISADS.2015.47

DO - 10.1109/ISADS.2015.47

M3 - Conference contribution

SN - 9781479982615

SP - 211

EP - 216

BT - Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -