Enhancing Access Control Trees for Cloud Computing
- First Online:
- Cite this paper as:
- Ayeb N., Di Cerbo F., Trabelsi S. (2016) Enhancing Access Control Trees for Cloud Computing. In: Casteleyn S., Dolog P., Pautasso C. (eds) Current Trends in Web Engineering. ICWE 2016. Lecture Notes in Computer Science, vol 9881. Springer, Cham
In their different facets and flavours, cloud services are known for their performance and scalability in the number of users and resources. Cloud computing therefore needs security mechanisms that have the same characteristics. The Access Control Tree (ACT) is an authorization mechanism proposed for cloud services due to its performances and scalability in the number of resources and users. After an initial set-up phase, the ACT permits to simplify the evaluation of an authorization request to a simple visit to the tree structure. Our contribution extends ACT towards instance-based access control models by allowing the expression and evaluation of conditions in access control decisions. We evaluated our contribution against an Open Source authorization mechanism to evaluate its performance and suitability to production settings. Early results seem encouraging with this respect.