A Context-Aware Service for Authorizing Multi-cloud Deployments

  • Yiannis VerginadisEmail author
  • Ioannis PatiniotakisEmail author
  • Gregoris MentzasEmail author
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 927)


The most recent advancements in cloud computing, highlight the need for supporting deployments on virtualised resources bounded to the data-intensive application requirements and not limited by the strict boundaries of each available cloud provider. Towards this direction, one important challenge is the appropriate protection of the software infrastructure used for automatically performing application components deployment over multi-clouds. Specifically, we discuss the requirements and introduce a novel attribute-based access control mechanism, able to cope with potential cybersecurity threats that may compromise the deployment of multi-cloud applications. We attempt to tackle the authorization issues from two different perspectives; namely, coping with the “access control” to various platform components and the “pre-authorization” of application deployment and data placement actions using multiple cloud providers.



The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 731664. The authors would like to thank the partners of the MELODIC project ( for their valuable advices and comments.


  1. 1.
    Verginadis, Y., Patiniotakis, I., Mentzas, G.: Metadata schema for data-aware multi-cloud computing. In: INISTA, pp. 1–9. IEEE (SMC) (2018)Google Scholar
  2. 2.
    Horn, G., Skrzypek, P.: MELODIC: utility based cross cloud deployment optimisation. In: Proceedings of the 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA) (2018).
  3. 3.
    CSA: The Treacherous 12 - Cloud Computing Top Threats in 2016.
  4. 4.
    Verginadis, Y., Michalas, A., Gouvas, P., Schiefer, G., Hübsch, G., Paraskakis, I.: PaaSword: a holistic data privacy and security by design framework for cloud services. J. Grid Comput. 1–16 (2017).
  5. 5.
    Decker, M.: Modelling of location-aware access control rules. In: Maria Cruz-Cunha, F.M. (ed.), Handbook of Research on Mobility and Computing: Evolving Technologies and Ubiquitous Impacts, Information Science Reference, Hershey, PA, USA, 2011, incollection 57, pp. 912–929 (2011)Google Scholar
  6. 6.
    Hu, V.C., Ferraiolo, D., Kuhn, R., Friedman, A.R., Lang, A.J., Cogdell, M.M., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Special Publication 800, 162 (2013)Google Scholar
  7. 7.
    Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-based access control (RBAC): features and motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp. 241–248 (1995)Google Scholar
  8. 8.
    Ferraiolo, D., Chandramouli, R., Kuhn, R., Hu, V.: Extensible access control markup language (XACML) and next generation access control (NGAC). In: Proceedings of the ACM International Workshop on Attribute Based Access Control, pp. 13–24. ACM (2016)Google Scholar
  9. 9.
    Garcia-Alfaro, J., Navarro-Arribas, G.: Prevention of cross-site scripting attacks on current web applications. In: OTM Confederated International Conferences on the Move to Meaningful Internet Systems, pp. 1770–1784. Springer (2007)Google Scholar
  10. 10.
    Abowd, G.D., Dey, A.K., Brown, P.J., Davies, N., Smith, M., Steggles, P.: Towards a better understanding of context and context-awareness. In: International Symposium on Handheld and Ubiquitous Computing, pp. 304–307. Springer (1999)Google Scholar
  11. 11.
    Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C., Loingtier, J., M., Irwin, J.: Aspect-oriented programming. In: European conference on object-oriented programming, pp. 220–242. Springer (1997)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Institute of Communications and Computer SystemsNational Technical University of AthensAthensGreece

Personalised recommendations