A Formal Technique for Composing Cloud Services

Barati, Masoud

doi:10.5755/j01.itc.49.1.23403

Cited by 2 publications

(1 citation statement)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Specifically, we propose an approach to generate an efficiently evaluatable composite access control policy using the local access control policies of component services that include both attribute-based and event-driven policies. Since a BP and event-driven policies can be abstracted as automata, we can make use of a behavior composition framework to automatically compose the BP and event-driven policies for realizing a desired specification -called a target behavior [4], [6]. The framework uses a sound and complete automata-theoretic technique for synthesizing a controller/orchestrator that at each step of execution delegates a requested operation by the target to a proper available service.…”

Section: Introductionmentioning

confidence: 99%

Blockchain Based Auditable Access Control For Business Processes With Event Driven Policies

Akhtar,

Barati,

Shafiq

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

The use of blockchain technology has been proposed to provide auditable access control for individual resources. Unlike the case where all resources are owned by a single organization, this work focuses on distributed applications such as business processes and distributed workflows. These applications are often composed of multiple resources/services that are subject to the security and access control policies of different organizational domains. Here, blockchains provide an attractive decentralized solution to provide auditability. However, the underlying access control policies may have event-driven constraints and can be overlapping in terms of the component conditions/rules as well as events. Existing work cannot handle event-driven constraints and also does not sufficiently account for overlaps leading to significant overhead in terms of cost and computation time for evaluating authorizations over the blockchain. In this work, we propose an automata-theoretic approach for generating a cost-efficient composite access control policy. We reduce this composite policy generation problem to the standard weighted set cover problem. We show that the composite policy correctly captures all the local access control policies and reduces the policy evaluation cost over the blockchain. We have implemented the initial prototype of our approach using Ethereum as the underlying blockchain and empirically validated the effectiveness and efficiency of our approach.

show abstract

Section: Introductionmentioning

confidence: 99%