Role-Based Access Control Models
Computer
Access control in collaborative systems
ACM Computing Surveys (CSUR)
A Software as a Service with Multi-tenancy Support for an Electronic Contract Management Application
SCC '08 Proceedings of the 2008 IEEE International Conference on Services Computing - Volume 2
Access control: principle and practice
IEEE Communications Magazine
Multi-tenant, secure, load disseminated SaaS architecture
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
Hi-index | 0.00 |
Software applications and solutions as Software as a Service (SaaS) has been gaining momentum all over the world in recent times. In the SaaS context, applications are hosted by the vendor using the vendor's IT infrastructure. Most SaaS applications are web-based. What separates SaaS application from multi-user web-based applications are SaaS is not just a web-front to a back-end application as in a bank's application. SaaS is not just a multi-user application, but multi-tenant application. Each customer organization is a tenant in a SaaS application. Multiple customer organizations may use the same application and each organization may have multiple users. Four levels of SaaS application maturity have been defined in the literature. A Level 4 SaaS application supports multiple tenants with a multiple but identical instances of the application and a metadata configuration of the application and offers superior ability to scale and handle large volumes of traffic and transactions. In this paper we present a SaaS application, addressing all issues involved in a Level 4 SaaS application. We have chosen the healthcare industry as a business context, as it has multiple players. Multi-tenant is a natural phenomenon on such a context. We have recognized that while SaaS may offer a business solution to a customer, it still needs to integrate with other business applications and workflows. We provide integration case studies in a SaaS Context. We also discuss security issues in a SaaS context. We present a multi-key secure encryption model to secure user data and a fully user defined Role Based Access Control model.