Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)

Qiong Zuo; Meiyi Xie; Wei Tek Tsai

doi:10.1109/ISADS.2015.47

Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)

Qiong Zuo, Meiyi Xie, Wei Tek Tsai

Computing, Informatics and Decision Systems Engineering, School of (CIDSE)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.

Original language	English (US)
Title of host publication	Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	211-216
Number of pages	6
ISBN (Print)	9781479982615
DOIs	https://doi.org/10.1109/ISADS.2015.47
State	Published - Apr 29 2015
Event	2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015 - Taichung, Taiwan, Province of China Duration: Mar 25 2015 → Mar 27 2015

Other

Other	2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015
Country	Taiwan, Province of China
City	Taichung
Period	3/25/15 → 3/27/15

Fingerprint

Keywords

Multi-Tenancy Architecture (MTA)
Rolebased Access Control (RBAC) Model
Software-as-a-Service (SaaS)
Sub-Tenancy Architecture (STA)
Tenant-based Access Control Model

ASJC Scopus subject areas

Artificial Intelligence
Control and Systems Engineering

Cite this

Zuo, Q., Xie, M., & Tsai, W. T. (2015). Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). In Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015 (pp. 211-216). [7098261] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISADS.2015.47

Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). / Zuo, Qiong; Xie, Meiyi; Tsai, Wei Tek.

Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 211-216 7098261.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Zuo, Q, Xie, M & Tsai, WT 2015, Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS). in Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015., 7098261, Institute of Electrical and Electronics Engineers Inc., pp. 211-216, 2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015, Taichung, Taiwan, Province of China, 3/25/15. https://doi.org/10.1109/ISADS.2015.47

@inproceedings{3da838af5cf7457a82af327421236682,

title = "Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)",

abstract = "Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.",

keywords = "Multi-Tenancy Architecture (MTA), Rolebased Access Control (RBAC) Model, Software-as-a-Service (SaaS), Sub-Tenancy Architecture (STA), Tenant-based Access Control Model",

author = "Qiong Zuo and Meiyi Xie and Tsai, {Wei Tek}",

year = "2015",

month = apr

day = "29",

doi = "10.1109/ISADS.2015.47",

language = "English (US)",

isbn = "9781479982615",

pages = "211--216",

booktitle = "Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015 ; Conference date: 25-03-2015 Through 27-03-2015",

}

TY - GEN

T1 - Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)

AU - Zuo, Qiong

AU - Xie, Meiyi

AU - Tsai, Wei Tek

PY - 2015/4/29

Y1 - 2015/4/29

N2 - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.

AB - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.

KW - Multi-Tenancy Architecture (MTA)

KW - Rolebased Access Control (RBAC) Model

KW - Software-as-a-Service (SaaS)

KW - Sub-Tenancy Architecture (STA)

KW - Tenant-based Access Control Model

UR - http://www.scopus.com/inward/record.url?scp=84937231677&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84937231677&partnerID=8YFLogxK

U2 - 10.1109/ISADS.2015.47

DO - 10.1109/ISADS.2015.47

M3 - Conference contribution

AN - SCOPUS:84937231677

SN - 9781479982615

SP - 211

EP - 216

BT - Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015

Y2 - 25 March 2015 through 27 March 2015

ER -

Access to Document

10.1109/ISADS.2015.47