{"title":"为IaaS云提供多策略支持,以确保数据共享","authors":"Ying Fairweather, Dongwan Shin","doi":"10.4108/ICST.COLLABORATECOM.2013.254127","DOIUrl":null,"url":null,"abstract":"Infrastructure as a service (IaaS) is a cloud service model that provides storage and computation services for users at a low price. A recent report from Gartner indicates that IaaS will be the fastest growing area among all of the cloud service models in the near future, and thus it is strongly envisioned that multiple companies will use IaaS clouds to share information among them. However, the current access control mechanisms in IaaS platforms do not have the ability to enable flexible data sharing among companies while addressing security problems such as information and privacy leaking. In this paper, we propose two IaaS cloud reference architectures that enforce cloud-level Chinese Wall security (CWS) policy to prevent information leaking among companies. The new architectures are also able to support customized domain level access control policies such as role-based access control (RBAC), privacy-preserving information retrieval, and single sign on (SSO). The reference architectures were implemented using Eucalyptus and its data storage service called Walrus; therefore, our approach can also be applied to commercial clouds like Amazon S3. The result of performance analysis has shown that our architectures are feasible, scalable, and efficient.","PeriodicalId":222111,"journal":{"name":"9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Towards multi-policy support for IaaS clouds to secure data sharing\",\"authors\":\"Ying Fairweather, Dongwan Shin\",\"doi\":\"10.4108/ICST.COLLABORATECOM.2013.254127\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Infrastructure as a service (IaaS) is a cloud service model that provides storage and computation services for users at a low price. A recent report from Gartner indicates that IaaS will be the fastest growing area among all of the cloud service models in the near future, and thus it is strongly envisioned that multiple companies will use IaaS clouds to share information among them. However, the current access control mechanisms in IaaS platforms do not have the ability to enable flexible data sharing among companies while addressing security problems such as information and privacy leaking. In this paper, we propose two IaaS cloud reference architectures that enforce cloud-level Chinese Wall security (CWS) policy to prevent information leaking among companies. The new architectures are also able to support customized domain level access control policies such as role-based access control (RBAC), privacy-preserving information retrieval, and single sign on (SSO). The reference architectures were implemented using Eucalyptus and its data storage service called Walrus; therefore, our approach can also be applied to commercial clouds like Amazon S3. The result of performance analysis has shown that our architectures are feasible, scalable, and efficient.\",\"PeriodicalId\":222111,\"journal\":{\"name\":\"9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-12-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4108/ICST.COLLABORATECOM.2013.254127\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4108/ICST.COLLABORATECOM.2013.254127","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards multi-policy support for IaaS clouds to secure data sharing
Infrastructure as a service (IaaS) is a cloud service model that provides storage and computation services for users at a low price. A recent report from Gartner indicates that IaaS will be the fastest growing area among all of the cloud service models in the near future, and thus it is strongly envisioned that multiple companies will use IaaS clouds to share information among them. However, the current access control mechanisms in IaaS platforms do not have the ability to enable flexible data sharing among companies while addressing security problems such as information and privacy leaking. In this paper, we propose two IaaS cloud reference architectures that enforce cloud-level Chinese Wall security (CWS) policy to prevent information leaking among companies. The new architectures are also able to support customized domain level access control policies such as role-based access control (RBAC), privacy-preserving information retrieval, and single sign on (SSO). The reference architectures were implemented using Eucalyptus and its data storage service called Walrus; therefore, our approach can also be applied to commercial clouds like Amazon S3. The result of performance analysis has shown that our architectures are feasible, scalable, and efficient.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
