Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)

Qiong Zuo, Meiyi Xie, W. Tsai
{"title":"Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)","authors":"Qiong Zuo, Meiyi Xie, W. Tsai","doi":"10.1109/ISADS.2015.47","DOIUrl":null,"url":null,"abstract":"Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.","PeriodicalId":282286,"journal":{"name":"2015 IEEE Twelfth International Symposium on Autonomous Decentralized Systems","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Twelfth International Symposium on Autonomous Decentralized Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISADS.2015.47","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6

Abstract

Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.
软件即服务(SaaS)中子租赁体系结构的自治分散租户访问控制模型
子租户架构(Sub-Tenancy Architecture, STA)是多租户架构(Multi-Tenancy Architecture, MTA)的扩展,它允许租户为子租户开发人员提供服务,以便在SaaS基础设施中定制他们的应用程序[1]。在STA系统中,租户是自治的分散实体,可以创建子租户,并将其资源(包括私有服务和数据)授予其子租户。在MTA中,亲子租户、兄弟租户和非相关租户之间的隔离和共享关系比租户之间的隔离和共享关系更为复杂。重要的是保持资源私有,同时允许共享资源,并支持租户的应用程序自定义。本文在基于管理角色的访问控制(ARBAC)的基础上,为SaaS中的STA提供了一个新的基于租户的访问控制模型的正式定义。提出了自治区域(Autonomous Areas, AA)和AA树来描述租户之间的自治关系,包括租户之间的隔离关系和共享关系。给出了不同的资源共享方法来创建和部署STA模型中的访问控制方案。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信