Access and Usage Control in Grid Systems

Colombo, Maurizio; Lazouski, Aliaksandr; Martinelli, Fabio; Mori, Paolo

doi:10.1007/978-3-642-04117-4_16

Cited by 2 publications

(4 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Multiple such systems have been described in the domain of grid computing, e.g., CAS, Cardea and PRIMA [6]. Access control in this domain focuses on scalable access control management for a possibly large number of possibly large virtual organizations.…”

Section: Related Workmentioning

confidence: 99%

“…Therefore, these systems employ techniques similar to the ones used by Amusa, such as the decoupling of enforcement and policy evaluation. A good overview of this domain is given in [6]. Amusa combines these techniques with the recent technologies of ABAC and policy trees into a configurable access control middleware for the domain of SaaS.…”

Section: Related Workmentioning

confidence: 99%

“…The policy tree achieves this by inserting the isolation exceptions of a certain tenant below a target that only applies to its own resources. 6. Tenants cannot gain access to the resources of other tenants using their own policies.…”

mentioning

confidence: 97%

See 2 more Smart Citations

Amusa

Decat

Bogaerts

Lagaisse

et al. 2015

Proceedings of the 30th Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

Software-as-a-service (SaaS) has been a growing trend in cloud computing for several years. Moreover, SaaS providers are evolving to application-level multi-tenancy, in which all tenants share the application instances, platform and data store with the aim of maximizing resource sharing. For multi-tenant SaaS applications, access control often is the only application-level security mechanism. However, such access control is inherently complex because both the provider and all tenants should be able to specify their access rules for the application. Moreover, these rules must all be securely combined and correctly enforced in the shared multi-tenant application. To address this challenge, we present the Amusa access control middleware. Amusa enables both the provider and all its tenants to efficiently declare their access rules on the SaaS application. To achieve this, Amusa provides incremental three-layered management based on attribute-based tree-structured policies. Afterwards, Amusa securely combines the access rules of all parties and enforces them at run-time with low performance overhead.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Amusa

Decat

Bogaerts

Lagaisse

et al. 2015

Proceedings of the 30th Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

show abstract

“…Prior to this work, other authors have also discussed challenges for access control in a federated context (e.g., (Colombo et al, 2010;Freudenthal et al, 2002;Poortinga-van Wijnen et al, 2010;Chakraborty and Ray, 2006)). However, a large part of these challenges still remains and our experience shows that the technique of federated authorization is a necessary building block to address these.…”

Section: Access Control Challengesmentioning

confidence: 99%

On the Need for Federated Authorization in Cross-organizational e-Health Platforms

Decat

Landuyt

Lagaisse

et al. 2015

Proceedings of the International Conference on Health Informatics

View full text Add to dashboard Cite

Abstract:Health care is currently witnessing increased specialization as well as a need for integrated care delivery. As a result, care organizations should collaborate and in order to facilitate this, e-health collaboration platforms are being created. Access control is a primary concern for such cross-organizational platforms and efficient access control management is crucial to their adoption. Federated access control is a potential technique to achieve this and our experience in multiple research projects shows that federated authorization is an essential building block for future collaboration platforms. However, this technology still faces open research challenges. This paper wants to spark research on these challenges by motivating the need for federated authorization in the context of a real-world collaborative care platform. Based on this case study, we also discuss the state of the art and present a set of key requirements to realize wide-scale adoption of federated authorization in practice.

show abstract

Access and Usage Control in Grid Systems

Cited by 2 publications

References 18 publications

Amusa

Amusa

On the Need for Federated Authorization in Cross-organizational e-Health Platforms

Contact Info

Product

Resources

About