A Distributed Access Control Architecture for Cloud Computing

被引：88

作者：

Almutairi, Abdulrahman A. ^{[1
]}

Sarfraz, Muhammad I.

Basalamah, Saleh ^{[2
]}

Aref, Walid G.

Ghafoor, Arif ^{[1
]}

机构：

[1] Purdue Univ, Sch Elect & Comp Engn, W Lafayette, IN 47907 USA

[2] Umm Al Qura Univ, Mecca, Saudi Arabia

来源：

IEEE SOFTWARE | 2012年 / 29卷 / 02期

基金：

美国国家科学基金会;

关键词：

cloud computing; distributed access control; multitenancy; resource virtualization; software engineering;

D O I：

10.1109/MS.2011.153

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

The large-scale, dynamic, and heterogeneous nature of cloud computing poses numerous security challenges. But the cloud's main challenge is to provide a robust authorization mechanism that incorporates multitenancy and virtualization aspects of resources. The authors present a distributed architecture that incorporates principles from security management and software engineering and propose key requirements and a design model for the architecture. © 2012 IEEE.

引用

页码：36 / 44

页数：9

共 10 条

[1]

Afzal S., 2011, 2011 IEEE Conference on Visual Analytics Science and Technology, P191, DOI 10.1109/VAST.2011.6102457

[2] Security for the cloud infrastructure: Trusted virtual data center implementation [J].

Berger, S. ;

Caceres, R. ;

Goldman, K. ;

Pendarakis, D. ;

Perez, R. ;

Rao, J. R. ;

Rom, E. ;

Sailer, R. ;

Schildhauer, W. ;

Srinivasan, D. ;

Tal, S. ;

Valdez, E. .

IBM JOURNAL OF RESEARCH AND DEVELOPMENT, 2009, 53 (04)

[3] X-FEDERATE: A policy engineering framework for federated access management [J].

Bhatti, Rafae ;

Bertino, Elisa ;

Ghafoor, Arif .

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2006, 32 (05) :330-346

[4] Toward a Multi-Tenancy Authorization System for Cloud Services [J].

Calero, Jose M. Alcaraz ;

Edwards, Nigel ;

Kirschnick, Johannes ;

Wilcock, Lawrence ;

Wray, Mike .

IEEE SECURITY & PRIVACY, 2010, 8 (06) :48-55

[5]

Jackson D., 2000, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium, P730, DOI 10.1109/ICSE.2000.870482

[6] The Eucalyptus Open-source Cloud-computing System [J].

Nurmi, Daniel ;

Wolski, Rich ;

Grzegorczyk, Chris ;

Obertelli, Graziano ;

Soman, Sunil ;

Youseff, Lamia ;

Zagorodnov, Dmitrii .

CCGRID: 2009 9TH IEEE INTERNATIONAL SYMPOSIUM ON CLUSTER COMPUTING AND THE GRID, 2009, :124-131

[7]

Ristenpart Thomas., 2009, P 16 ACM C COMPUTER, V199-212, DOI DOI 10.1145/1653662.1653687

[8]

Rushby John., 1992, NONINTERFERENCE TRAN

[9] Secure interoperation in a multidomain environment employing RBAC policies [J].

Shafiq, B ;

Joshi, JBD ;

Bertino, E ;

Ghafoor, A .

IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2005, 17 (11) :1557-1577

[10] Security and Privacy Challenges in Cloud Computing Environments [J].

Takabi, Hassan ;

Joshi, James B. D. ;

Ahn, Gail-Joon .

IEEE SECURITY & PRIVACY, 2010, 8 (06) :24-31

← 1 →