%0 Conference Proceedings
%T Role-Centric Circle-of-Trust in Multi-tenant Cloud IaaS
%+ The University of Texas at San Antonio (UTSA)
%A Pustchi, Navid
%A Sandhu, Ravi
%Z Part 3: Access Control
%< peer-reviewed
%( Lecture Notes in Computer Science
%B 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Trento, Italy
%Y Silvio Ranise
%Y Vipin Swarup
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXX
%V LNCS-9766
%P 106-121
%8 2016-07-18
%D 2016
%R 10.1007/978-3-319-41483-6_8
%K Circle-of-Trust
%K Federation
%K Attribute-based access control
%K Collaboration
%K Multi-tenant
%K Authorization
%K Security
%Z Computer Science [cs]Conference papers
%X Currently, collaboration is a major challenge in adopting cloud Infrastructure-as-a-Service (IaaS). Enterprise work-flow intrinsically mandates collaboration across its tenant boundaries as well as with associated organizations’ tenants in the cloud. In this paper, we investigate a Circle-of-Trust approach where tenants establish trust within a circle of tenants for the purpose of collaboration. We present a novel extension of role-centric access control models to provide collaboration in the context of homogeneous and heterogeneous circles. In a homogeneous circle, our approach allows tenants to equally assert cross-tenant user assignments to enable access to shared resources. In a circle with non-uniform tenants, attributes are added to distinguish user-assignments where tenants are differentiated by type in the heterogeneous circle. Particularly, tenant-trust relation is established within a group of tenants authorizing user-role assignments across tenants.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01633665/document
%2 https://inria.hal.science/hal-01633665/file/428203_1_En_8_Chapter.pdf
%L hal-01633665
%U https://inria.hal.science/hal-01633665
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-9766