Self-adaptive authorisation in OpenStack cloud platform

IF 2.4 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Carlos Eduardo Da Silva, Thomás Diniz, Nelio Cacho, Rogério de Lemos
{"title":"Self-adaptive authorisation in OpenStack cloud platform","authors":"Carlos Eduardo Da Silva, Thomás Diniz, Nelio Cacho, Rogério de Lemos","doi":"10.1186/s13174-018-0090-7","DOIUrl":null,"url":null,"abstract":"Although major advances have been made in protection of cloud platforms against malicious attacks, little has been done regarding the protection of these platforms against insider threats. This paper looks into this challenge by introducing self-adaptation as a mechanism to handle insider threats in cloud platforms, and this will be demonstrated in the context of OpenStack. OpenStack is a popular cloud platform that relies on Keystone, its identity management component, for controlling access to its resources. The use of self-adaptation for handling insider threats has been motivated by the fact that self-adaptation has been shown to be quite effective in dealing with uncertainty in a wide range of applications. Insider threats have become a major cause for concern since legitimate, though malicious, users might have access, in case of theft, to a large amount of information. The key contribution of this paper is the definition of an architectural solution that incorporates self-adaptation into OpenStack Keystone in order to handle insider threats. For that, we have identified and analysed several insider threats scenarios in the context of the OpenStack cloud platform, and have developed a prototype that was used for experimenting and evaluating the impact of these scenarios upon the self-adaptive authorisation system for the cloud platforms.","PeriodicalId":46467,"journal":{"name":"Journal of Internet Services and Applications","volume":"48 1","pages":"1-17"},"PeriodicalIF":2.4000,"publicationDate":"2018-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Internet Services and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1186/s13174-018-0090-7","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 7

Abstract

Although major advances have been made in protection of cloud platforms against malicious attacks, little has been done regarding the protection of these platforms against insider threats. This paper looks into this challenge by introducing self-adaptation as a mechanism to handle insider threats in cloud platforms, and this will be demonstrated in the context of OpenStack. OpenStack is a popular cloud platform that relies on Keystone, its identity management component, for controlling access to its resources. The use of self-adaptation for handling insider threats has been motivated by the fact that self-adaptation has been shown to be quite effective in dealing with uncertainty in a wide range of applications. Insider threats have become a major cause for concern since legitimate, though malicious, users might have access, in case of theft, to a large amount of information. The key contribution of this paper is the definition of an architectural solution that incorporates self-adaptation into OpenStack Keystone in order to handle insider threats. For that, we have identified and analysed several insider threats scenarios in the context of the OpenStack cloud platform, and have developed a prototype that was used for experimenting and evaluating the impact of these scenarios upon the self-adaptive authorisation system for the cloud platforms.
OpenStack云平台自适应授权
尽管在保护云平台免受恶意攻击方面取得了重大进展,但在保护这些平台免受内部威胁方面做得很少。本文通过引入自适应机制来处理云平台中的内部威胁来研究这一挑战,并将在OpenStack的上下文中进行演示。OpenStack是一个流行的云平台,它依赖于其身份管理组件Keystone来控制对其资源的访问。使用自适应来处理内部威胁的动机是,自适应已被证明在处理广泛应用中的不确定性方面非常有效。内部威胁已成为引起关注的主要原因,因为合法(尽管是恶意的)用户可能在被盗的情况下可以访问大量信息。本文的主要贡献是定义了一个架构解决方案,该解决方案将自适应集成到OpenStack Keystone中,以处理内部威胁。为此,我们确定并分析了OpenStack云平台背景下的几个内部威胁场景,并开发了一个原型,用于实验和评估这些场景对云平台自适应授权系统的影响。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Internet Services and Applications
Journal of Internet Services and Applications COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
3.70
自引率
0.00%
发文量
2
审稿时长
13 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信