Modified BTG-RBAC model for SaaS

Abstract

Cloud computing is a request-response model that deliver the services over internet. Customer offers the benefit/payment to the service provider based on the resource usage called utility computing. The principal service models being deployed in cloud are Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). SaaS delivers software as a service, PaaS delivers computing platform as a service and IaaS delivers infrastructure as a service over the internet. Role Based Access Control (RBAC) is a variant of access control model, where user gains the access depending on the role chosen. Further some RBAC models like `Break The Glass' (BTG) approach allow the user to access the denied services with only two options access or deny. However in the proposed approach, access control status is enhanced to improve the flexibility and efficiency in RBAC without compromising on the security issue. The proposed model is implemented as client-server architecture by modifying BTG-RBAC Model.