Securing Loosely-Coupled Collaboration in Cloud Environment through Dynamic Detection and Removal of Access Conflicts
Online collaboration service has become a popular offering of present day Software-as-a-Service (SaaS) clouds. It facilitates sharing of information among multiple participating domains and accessing them from remote locations. Owing to loosely-coupled nature of such collaborations, access request from a remote user is made in the form of a set of permissions. The cloud vendor maps the requested permissions into appropriate local roles in order to allow resource access. However, coexistence of such multiple simultaneous role activation requests may introduce conflicts which violate the principle of security. In this paper, we propose a distributed secure collaboration framework which enables collaborating domains to detect and remove these conflicts. Two features of our framework are: (i) it requires only local information, and (ii) it detects and removes conflicts on-the-fly. Formal proofs have been provided to establish the correctness of our approach. Experimental results and qualitative comparison with related work demonstrate the efficacy of our approach in terms of response time, thus addressing the scalability requirement of cloud services.
N. Ghosh et al., "Securing Loosely-Coupled Collaboration in Cloud Environment through Dynamic Detection and Removal of Access Conflicts," IEEE Transactions on Cloud Computing, vol. 4, no. 3, pp. 349 - 362, Institute of Electrical and Electronics Engineers (IEEE), Jul 2016.
The definitive version is available at https://doi.org/10.1109/TCC.2014.2361527
Intelligent Systems Center
Keywords and Phrases
Clouds; Web services; Access conflict; Collaboration services; Loosely coupled; Role hierarchy; Separation of duty; Software as a service (SaaS); Loosely-coupled
International Standard Serial Number (ISSN)
Article - Journal
© 2016 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.
01 Jul 2016