A Distributed Authorization System with Mobile Usage Control Policies
Distributed systems, such as the Cloud, are widely used for solving large problems, because they provide big computational power at a low cost. From the security point of view, distributed systems pose new challenges, because the applications running on the components of the system could cooperate to access the system’s resources. Hence, the security support should consider all the accesses performed by the applications run by the same user on distinct nodes of a distributed system as the behaviour of that user. To address this problem, this paper proposes mobile usage control policies that, besides regulating the usage of the system resources, also define the exchange of some policy fragments among the nodes of the distributed system. In this way, the usage of resources performed on one node of the distributed system affects the right of accessing resources on other nodes of the system. A reference scenario where mobile usage control policies could be successfully adopted is the Cloud environment.
KeywordsCloud Computing Virtual Machine Cloud Provider Cloud Environment Usage Control
Unable to display preview. Download preview PDF.
- 1.Mell, P., Grance, T.: The NIST Definition of Cloud Computing. Recommendation of the National Institute of Standards and Technology (NIST), U.S. Department of Commerce (January 2011)Google Scholar
- 2.Amazon Elastic Compute Clouds (EC2), http://aws.amazon.com/ec2/
- 3.Amazon Simple Storage Service (S3), http://aws.amazon.com/s3/
- 4.Google App Engine, http://code.google.com/appengine
- 5.Google Apps, http://www.google.com/apps
- 8.Martinelli, F., Mori, P., Vaccarelli, A.: Towards continuous usage control on Grid computational services. In: Proc. of International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services 2005, p. 82. IEEE Computer Society, Los Alamitos (2005)Google Scholar
- 9.Lazouski, A., Colombo, M., Martinelli, F., Mori, P.: Controlling the Usage of Grid Services. International Journal of Computational Science 4(3), 373–386 (2009); Special issue: Recent Advance in Computing Technologies. Global Information PublisherGoogle Scholar
- 12.Stihler, M., Santin, A.O., Calsavara, A., Marcon Jr., A.L.: Distributed Usage Control Architecture for Business Coalitions. In: Proceedings of the IEEE International Conference on Communications, ICC 2009 (2009)Google Scholar
- 18.Cloud Security Alliance. Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 (2009)Google Scholar
- 19.Cloud Security Alliance. Top Threats to Cloud Computing (2009)Google Scholar