Enhancing Access Control Trees for Cloud Computing

Conference paper

DOI: 10.1007/978-3-319-46963-8_3

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9881)
Cite this paper as:
Ayeb N., Di Cerbo F., Trabelsi S. (2016) Enhancing Access Control Trees for Cloud Computing. In: Casteleyn S., Dolog P., Pautasso C. (eds) Current Trends in Web Engineering. ICWE 2016. Lecture Notes in Computer Science, vol 9881. Springer, Cham

Abstract

In their different facets and flavours, cloud services are known for their performance and scalability in the number of users and resources. Cloud computing therefore needs security mechanisms that have the same characteristics. The Access Control Tree (ACT) is an authorization mechanism proposed for cloud services due to its performances and scalability in the number of resources and users. After an initial set-up phase, the ACT permits to simplify the evaluation of an authorization request to a simple visit to the tree structure. Our contribution extends ACT towards instance-based access control models by allowing the expression and evaluation of conditions in access control decisions. We evaluated our contribution against an Open Source authorization mechanism to evaluate its performance and suitability to production settings. Early results seem encouraging with this respect.

Keywords

Access control Data structures Cloud 

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Security Research, SAP Labs FranceMouginsFrance

Personalised recommendations