Securing Loosely-Coupled Collaboration in Cloud Environment through Dynamic Detection and Removal of Access Conflicts
Abstract
Online collaboration service has become a popular offering of present day Software-as-a-Service (SaaS) clouds. It facilitates sharing of information among multiple participating domains and accessing them from remote locations. Owing to loosely-coupled nature of such collaborations, access request from a remote user is made in the form of a set of permissions. The cloud vendor maps the requested permissions into appropriate local roles in order to allow resource access. However, coexistence of such multiple simultaneous role activation requests may introduce conflicts which violate the principle of security. In this paper, we propose a distributed secure collaboration framework which enables collaborating domains to detect and remove these conflicts. Two features of our framework are: (i) it requires only local information, and (ii) it detects and removes conflicts on-the-fly. Formal proofs have been provided to establish the correctness of our approach. Experimental results and qualitative comparison with related work demonstrate the efficacy of our approach in terms of response time, thus addressing the scalability requirement of cloud services.
Recommended Citation
N. Ghosh et al., "Securing Loosely-Coupled Collaboration in Cloud Environment through Dynamic Detection and Removal of Access Conflicts," IEEE Transactions on Cloud Computing, vol. 4, no. 3, pp. 349 - 362, Institute of Electrical and Electronics Engineers (IEEE), Jul 2016.
The definitive version is available at https://doi.org/10.1109/TCC.2014.2361527
Department(s)
Computer Science
Research Center/Lab(s)
Intelligent Systems Center
Keywords and Phrases
Clouds; Web services; Access conflict; Collaboration services; Loosely coupled; Role hierarchy; Separation of duty; Software as a service (SaaS); Loosely-coupled
International Standard Serial Number (ISSN)
2168-7161; 2372-0018
Document Type
Article - Journal
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2016 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.
Publication Date
01 Jul 2016
Comments
The work of N. Ghosh was partially supported by TCS Research Scholarship grant. The work of S. K. Das was supported by the US National Science Foundation grants under award numbers CNS-1355505, IIS-1404673 and CNS-1404677.