Resource management and authorization for cloud services

Abstract

In the age of cloud computing, companies still have the problem to manage access rights for resources. This is especially true, if companies are combined to virtual organizations and want to share resources that are located at cloud providers. For a consistent authorization model, an up to date knowledge about partner organizations is indispensable. This contribution proposes an approach to request the automatic deployment of resources from a cloud provider. The access rights to the resources are managed and administered by the proprietary company, even if partner organizations are involved. They are not published to the cloud provider, but remain in the owning company. This establishes a separation of resources (i.a. systems) and authorization, which alleviates security risks. Attackers of resources can not access them because the authorization model is not implemented on the same location as the resources. This makes the intrusion much more complex.