Abstract
Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.
| Original language | English (US) |
|---|---|
| Title of host publication | Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 211-216 |
| Number of pages | 6 |
| ISBN (Print) | 9781479982615 |
| DOIs | |
| State | Published - Apr 29 2015 |
| Event | 2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015 - Taichung, Taiwan, Province of China Duration: Mar 25 2015 → Mar 27 2015 |
Other
| Other | 2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015 |
|---|---|
| Country | Taiwan, Province of China |
| City | Taichung |
| Period | 3/25/15 → 3/27/15 |
Fingerprint
Keywords
- Multi-Tenancy Architecture (MTA)
- Rolebased Access Control (RBAC) Model
- Software-as-a-Service (SaaS)
- Sub-Tenancy Architecture (STA)
- Tenant-based Access Control Model
ASJC Scopus subject areas
- Artificial Intelligence
- Control and Systems Engineering
Cite this
Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). / Zuo, Qiong; Xie, Meiyi; Tsai, Wei Tek.
Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 211-216 7098261.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)
AU - Zuo, Qiong
AU - Xie, Meiyi
AU - Tsai, Wei Tek
PY - 2015/4/29
Y1 - 2015/4/29
N2 - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.
AB - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.
KW - Multi-Tenancy Architecture (MTA)
KW - Rolebased Access Control (RBAC) Model
KW - Software-as-a-Service (SaaS)
KW - Sub-Tenancy Architecture (STA)
KW - Tenant-based Access Control Model
UR - http://www.scopus.com/inward/record.url?scp=84937231677&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84937231677&partnerID=8YFLogxK
U2 - 10.1109/ISADS.2015.47
DO - 10.1109/ISADS.2015.47
M3 - Conference contribution
SN - 9781479982615
SP - 211
EP - 216
BT - Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015
PB - Institute of Electrical and Electronics Engineers Inc.
ER -