Access control management of the cloud service platform

Abstract

One of the design goals of the Cloud Service Platform was to help application developers to create their applications easier by providing reusable service components in the form of web services, such as, RESTful web services or web services based on SOAP. The Cloud Service Platform is designed to target to the communication and collaboration domain so that it provides service components having functionalities such as Email, short messaging, file cloud, third-party call, wiki, and etc. Therefore application developers can utilize these service functionalities by requesting the resources using HTTP methods outside the Cloud Service Platform (CSP). Therefore, the access to service components plugged into the CSP should be managed and the authorization process for the requesting applications is needed. We specify the relationship between applications and service components using service key, which is the unique identifier for an application and a service component. In addition, we define additional HTTP headers for authorization of the requesting application and utilize these headers for access control to service components. In this paper, we introduce the Cloud Service Platform and describe the mechanism of the access control management for service components on the Cloud Service Platform.