Toward a multi-tenancy authorization system for cloud services

Jose M. Alcaraz Calero, Nigel Edwards, Johannes Kirschnick, Lawrence Wilcock, Mike Wray

Research output: Contribution to journalArticlepeer-review

98 Citations (Scopus)


Cloud computing presents new security challenges to control access to information in cloud services. This article describes an authorization model suitable for cloud computing that supports hierarchical role-based access control, path-based object hierarchies, and federation. The authors also present an authorization system architecture for implementing the model. In particular, they provide some technical implementation details, together with performance results from the prototype. They also describe security, privacy, and trust management aspects for the authorization system.
Original languageEnglish
Pages (from-to)48-55
Number of pages8
JournalIEEE Security and Privacy
Issue number6
Publication statusPublished - 31 Dec 2010
Externally publishedYes


  • Cloud computing
  • Security
  • Privacy
  • Authorization
  • Role based access control
  • Hierarchical RBAC


Dive into the research topics of 'Toward a multi-tenancy authorization system for cloud services'. Together they form a unique fingerprint.

Cite this