ABSTRACT
In recent years, Attribute-Based Access Control (ABAC) has emerged as the desired access control model in scenarios involving sharing of resources across multiple domains. This necessitates organizations using traditional access control models to use ABAC. However, ab initio deployment of ABAC is both cost and time intensive. In this paper, we present ABACaaS - a cloud service that enables any organization to integrate ABAC into their own environment irrespective of the platform they operate in. We show both SaaS as well as PaaS instances of ABACaaS along with results on its performance.
- R. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman:Role-Based Access Control Models. IEEE Computer 29, 2, 38--47 (1996) Google ScholarDigital Library
- V. C. Hu, D. Ferraiolo, R. Kuhn, A. Schnitzer, K. Sandlin, R. Miller, and K. Scarfon: Guide to Attribute Based Access Control (ABAC) Definition and Considerations. NIST Special Publication (2014)Google Scholar
- D. Servos, and S. L. Osborn: Current Research and Open Problems in Attribute-Based Access Control. ACM Comput. Surv., 65:1--65:45 (2017) Google ScholarDigital Library
- J. M. Alcaraz Calero, N. Edwards, J. Kirschnick, L. Wilcock, and M. Wray:Toward a Multi-Tenancy Authorization System for Cloud Services.IEEE Security and Privacy, 48--55 (2010) Google ScholarDigital Library
- R. Wu, X. Zhang, G-J. Ahn, H. Sharifi, and H. Xie:ACaaS: Access Control as a Service for IaaS Cloud. International Conference on Social Computing, 423--428 (2013) Google ScholarDigital Library
- X. Jin:Attribute-Based Access Control Models and Implementation in cloud Infrastructure as a Service. Ph.D. Thesis, The University of Texas, (2014)Google Scholar
- NIST definition for SaaS, PaaS, IaaS, https://cloudinfosec.wordpress.com/2013/05/04/nist-definition-for-saas-paas-iaas/Google Scholar
Index Terms
- ABACaaS: Attribute-Based Access Control as a Service
Recommendations
ABAC and RBAC: Scalable, Flexible, and Auditable Access Management
Is it possible to obtain the flexibility and advantages of attribute-based access control while maintaining role-based access control's advantages for analysis and risk control?
Cloud service access control system based on ontologies
Cloud service is a new and distinctive business model for service providers. Access control is an emerging and challenging issue in supporting cloud service business. This work proposes a new access control mechanism called cloud service access control (...
Patterns for session-based access control
PLoP '06: Proceedings of the 2006 conference on Pattern languages of programsThe concept of session, the context under which a user accesses resources is very important to apply access control. We present first the Controlled Access Session pattern for describing how sessions can limit the rights of a user. We then combine this ...
Comments