Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS

Abstract

To efficiently collaborate in cyber security defense and response, organizations must be able to securely share information and resources. A community in a cloud IaaS, which refers to a group of organizations with common business interests, will utilize cloud IaaS to realize their infrastructure deployments. Communities establish a mechanism to prevent, detect and respond to cyber attacks, and help member organizations in the community recover expeditiously. In this paper, we present an access control model for secure information and resource sharing between organizations in a community-based isolated environment in Microsoft Azure IaaS cloud platform, one of dominant commercial cloud platforms. The model facilitates organizations to share their IT resources with each other in a controlled and secure manner. We formally specify the administrative model and discuss enforcement techniques in the Azure cloud platform.