EACF: extensible access control framework for cloud environments

The dynamic authorization and continuous monitoring of resource usage in cloud environments is a challenge. Moreover, the extant access control techniques are not well-suited for all types of the cloud-hosted applications predominantly for two reasons. Firstly, these techniques lack in providing fea...

Full description

Saved in:
Bibliographic Details
Published in:Annales des télécommunications Vol. 72; no. 5-6; pp. 307 - 323
Main Authors: Mehak, Faria, Masood, Rahat, Shibli, Muhammad Awais, Elgedway, Islam
Format: Journal Article
Language:English
Published: Paris Springer Paris 01.06.2017
Springer Nature B.V
Subjects:
Access control
Circuits
Cloud computing
Communications Engineering
Computer Communication Networks
Consumers
Customization
Engineering
Extensibility
Information and Communication
Information Systems and Communication Service
Monitoring
Networks
R & D/Technology Policy
Security management
Signal,Image and Speech Processing
Software services
Software-as-a-service
Authorization
Fine-grained access control
Software-as-a-service
Cloud computing
Extensible access control markup language
Access control-as-a-service
Usage-based access control
Attribute-based access control
ISSN:0003-4347, 1958-9395
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The dynamic authorization and continuous monitoring of resource usage in cloud environments is a challenge. Moreover, the extant access control techniques are not well-suited for all types of the cloud-hosted applications predominantly for two reasons. Firstly, these techniques lack in providing features such as generality, extensibility, and flexibility. Secondly, they are static in nature, such that once the user is authorized, they do not evaluate the access request during and after the resource usage. Every application hosted in the cloud has its own requirement of evaluating access request; some applications require request evaluation before assigning resources, while some require continuous monitoring of resource usage along with a dynamic update of attribute values. To address these diverse requirements, we present an Extensible Access Control Framework (EACF) for cloud-based applications, which provides high-level extensibility by incorporating different access control models about the needs of the Cloud service consumers (organizations). A number of access control models are combined in the EACF, which provides reliable authorization service for managing and controlling access to the software as a service-hosted cloud applications.It also helps cloud consumers to provide authorized access to resources (data), as well as contributes to eliminate the need to write customized security code for individual applications. As a case study, three access control models are incorporated into the framework and tested on SaaS-hosted application DSpace to ascertain that the proposed features are functional and working fine.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0003-4347
1958-9395
DOI:10.1007/s12243-016-0548-1