Towards a Flexible Fine-Grained Access Control System for Modern Cloud Applications

Abstract

The fast growth of cloud applications highlights the requirement of appropriate security controls to restrict access to shared resources limited to authorized users. Existing authorization systems are not primarily designed for cloud environments and do not provide the required flexibility, adaptability, elasticity, scalability, or fine-grainedness of cloud applications. This paper outlines an ongoing effort in development of a flexible fine-grained access control system for modern cloud-based applications. Modern cloud applications are distinctive in that the required authorization rules are defined by the organizations owning data and resources, before the application logic can be developed by their programmers. Although this simplifies cloud application development and provides flexibility and adaptability to potential future policy changes, it highlights the need for an adaptive flexible authorization system.