Future Generation Computer Systems
Cloud computing is an emerging paradigm for offering on-demand IT services to customers. Access control for resources located in the cloud is one of the critical aspects in enabling businesses to shift into the cloud. Some recent works provide access control models suitable for the cloud; however, there are important shortcomings that need to be addressed in this field. This work presents a step forward in the state of the art of access control for cloud computing. We describe a highly expressive authorization model that enables the management of advanced features such as role-based access control (RBAC), hierarchical RBAC (hRBAC), conditional RBAC (cRBAC) and hierarchical objects (HO). The access control model takes advantage of the logic formalism provided by Semantic Web technologies to describe both the underlying infrastructure and the authorization model, as well as the rules employed to protect access to resources in the cloud. The access control model has been specially designed to take into account the multi-tenancy nature of this kind of environment. Moreover, a trust model is described that allows a fine-grained definition of what information is available to each particular tenant. This enables the establishment of business alliances among cloud tenants, resulting in federation and coalition agreements. The proposed model has been validated by means of a proof-of-concept implementation of the access control system for OpenStack, with promising performance results.