Access control delegation for the cloud

Author

Fotiou, Nikos ; Machas, Apostolis ; Polyzos, G.C. ; Xylomenos, George

Author_Institution

Dept. of Inf., Athens Univ. of Econ. & Bus., Athens, Greece

fYear

2014

fDate

April 27 2014-May 2 2014

Firstpage

13

Lastpage

18

Abstract

Cloud computing has become the focus of attention in the industry, from the point of view of both providers and customers, as well as researchers. However, security concerns still impede the widespread adoption of this technology. Most enterprises are particularly worried about the lack of control over their outsourced data since the authentication and authorization systems of Cloud providers are generic and they cannot be easily adapted to the requirements of each individual enterprise. An adaptation process requires the creation of complex protocols, often leading to security problems and “lock-in” conditions. In this paper we present the design of a lightweight solution that overcomes these problems. We have implemented and incorporated this solution in a popular open-source Cloud stack: OpenStack. Our solution eliminates the need for developing complex adaptation protocols, offers data owners the flexibility to switch among Cloud providers, or use multiple, different Cloud providers concurrently, and enhances end-user privacy.

Keywords

authorisation; cloud computing; data privacy; public domain software; OpenStack; access control delegation; adaptation process; authentication system; authorization system; cloud computing; cloud providers; complex protocols; data outsourcing; end-user privacy enhancement; lock-in conditions; open-source cloud stack; security problems; Authentication; Authorization; Conferences; Containers; Servers;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Communications Workshops (INFOCOM WKSHPS), 2014 IEEE Conference on

Conference_Location

Toronto, ON

Type

conf

DOI

10.1109/INFCOMW.2014.6849161

Filename

6849161