Toward a multi-tenancy authorization system for cloud services

Jose M. Alcaraz Calero; Nigel Edwards; Johannes Kirschnick; Lawrence Wilcock; Mike Wray

doi:10.1109/MSP.2010.194

Toward a multi-tenancy authorization system for cloud services

Jose M. Alcaraz Calero, Nigel Edwards, Johannes Kirschnick, Lawrence Wilcock, Mike Wray

Research output: Contribution to journal › Article › peer-review

101 Citations (Scopus)

Abstract

Cloud computing presents new security challenges to control access to information in cloud services. This article describes an authorization model suitable for cloud computing that supports hierarchical role-based access control, path-based object hierarchies, and federation. The authors also present an authorization system architecture for implementing the model. In particular, they provide some technical implementation details, together with performance results from the prototype. They also describe security, privacy, and trust management aspects for the authorization system.

Original language	English
Pages (from-to)	48-55
Number of pages	8
Journal	IEEE Security and Privacy
Volume	8
Issue number	6
DOIs	https://doi.org/10.1109/MSP.2010.194
Publication status	Published - 31 Dec 2010
Externally published	Yes

Keywords

Cloud computing
Security
Privacy
Authorization
Role based access control
Hierarchical RBAC

Access to Document

10.1109/MSP.2010.194

Cite this

@article{d0e44b4acf244600a5194ee6e0149a2b,

title = "Toward a multi-tenancy authorization system for cloud services",

abstract = "Cloud computing presents new security challenges to control access to information in cloud services. This article describes an authorization model suitable for cloud computing that supports hierarchical role-based access control, path-based object hierarchies, and federation. The authors also present an authorization system architecture for implementing the model. In particular, they provide some technical implementation details, together with performance results from the prototype. They also describe security, privacy, and trust management aspects for the authorization system.",

keywords = "Cloud computing, Security, Privacy, Authorization, Role based access control, Hierarchical RBAC",

author = "{Alcaraz Calero}, {Jose M.} and Nigel Edwards and Johannes Kirschnick and Lawrence Wilcock and Mike Wray",

year = "2010",

month = dec,

day = "31",

doi = "10.1109/MSP.2010.194",

language = "English",

volume = "8",

pages = "48--55",

journal = "IEEE Security and Privacy",

issn = "1540-7993",

publisher = "IEEE",

number = "6",

}

TY - JOUR

T1 - Toward a multi-tenancy authorization system for cloud services

AU - Alcaraz Calero, Jose M.

AU - Edwards, Nigel

AU - Kirschnick, Johannes

AU - Wilcock, Lawrence

AU - Wray, Mike

PY - 2010/12/31

Y1 - 2010/12/31

N2 - Cloud computing presents new security challenges to control access to information in cloud services. This article describes an authorization model suitable for cloud computing that supports hierarchical role-based access control, path-based object hierarchies, and federation. The authors also present an authorization system architecture for implementing the model. In particular, they provide some technical implementation details, together with performance results from the prototype. They also describe security, privacy, and trust management aspects for the authorization system.

AB - Cloud computing presents new security challenges to control access to information in cloud services. This article describes an authorization model suitable for cloud computing that supports hierarchical role-based access control, path-based object hierarchies, and federation. The authors also present an authorization system architecture for implementing the model. In particular, they provide some technical implementation details, together with performance results from the prototype. They also describe security, privacy, and trust management aspects for the authorization system.

KW - Cloud computing

KW - Security

KW - Privacy

KW - Authorization

KW - Role based access control

KW - Hierarchical RBAC

U2 - 10.1109/MSP.2010.194

DO - 10.1109/MSP.2010.194

M3 - Article

SN - 1540-7993

VL - 8

SP - 48

EP - 55

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

IS - 6

ER -

Toward a multi-tenancy authorization system for cloud services

Abstract

Keywords

Access to Document

Fingerprint

Cite this