Risk-based dynamic access control for a highly scalable cloud federation

SECURWARE 2013 - 7th International Conference on Emerging Security Information, Systems and Technologies

Volumn , Issue , 2013, Pages 8-13

  Dos Santos, Daniel Ricardo ^a   Westphall, Carla Merkle ^a   Westphall, Carlos Becker ^a  

^a FEDERAL UNIVERSITY OF SANTA CATARINA   (Brazil)

Author keywords

Access control; Cloud computing; Cloud federation; Risk

Indexed keywords

EID: 84894170461     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (33)

1. P. Mell and T. Grance, "The NIST Definition of Cloud Computing", 2011. Available at: http://csrc.nist.gov/publications/nistpubs/ 800-145/SP800-145.pdf [Retrieved: May, 2013]
2. E. Carlini, M. Coppola, P. Dazzi, L. Ricci, and G. Righetti, "Cloud Federations in Contrail", Proc. Euro-Par 2011: Parallel Processing Workshops, 2012, pp. 159-168
3. B. Rochwerger et al., "The reservoir model and architecture for open federated cloud computing", IBM J. Res. Dev., Vol. 53, no. 4, July 2009, pp. 535-545
4. T. Kurze, M. Klems, D. Bermbach, A. Lenk, S. Tai, and M. Kunze, "Cloud Federation", The Second International Conference on Cloud Computing, GRIDs, and Virtualization, September 2011, pp. 32-38
5. K. Lampropoulos and S. Denazis, "Identity management directions in future internet", IEEE Communications Magazine, Vol. 49, no. 12, December 2012, pp. 74-83
6. A. Celesti, F. Tusa, M. Villari, and A. Puliafito, "How to Enhance Cloud Architectures to Enable Cross-Federation", Proc. 3rd IEEE International Conference on Cloud Computing, July 2010, pp.337345
7. A. Celesti, F. Tusa, M. Villari, and A. Puliafito, "Security and Cloud Computing: InterCloud Identity Management Infrastructure", 19th IEEE WETICE, June 2010, pp. 263-265
8. A. Celesti, F. Tusa, M. Villari, and A. Puliafito, "Three-Phase Cross-Cloud Federation Model: The Cloud SSO Authentication", 2nd AFIN, July 2010, pp. 94-101
9. A. Celesti, F. Tusa, M. Villari, and A. Puliafito, "Federation Establishment Between CLEVER Clouds Through a SAML SSO Authentication Profile", International Journal on Advances in Internet Technology, Vol. 4, no. 12, 2011, pp. 14-27
10. M. Coppola et al., "The Contrail approach to cloud federations", Proc. ISGC'12, 2012
11. D. Bernstein, E. Ludvigson, K. Sankar, S. Diamond, and M. Morrow, "Blueprint for the Intercloud - Protocols and Formats for Cloud Computing Interoperability", Proc. 4th ICIW, May 2009, pp. 328-336
12. D. Bernstein and D. Vij, "Intercloud Directory and Exchange Protocol Detail Using XMPP and RDF", Proc. 6th SERVICES, July 2010, pp. 431-438
13. V. Suhendra, "A Survey on Access Control Deployment", Proc. FGIT-SecTech, 2011, pp. 11-20
14. D. Fall, G. Blanc, T. Okuda, Y. Kadobayashi, and S. Yamaguchi, "Toward Quantified Risk-Adaptive Access Control for Multi-tenant Cloud Computing", Proc. 6th JWIS, October 2011
15. P. Arias-Cabarcos, F. Almenárez-Mendoza, A. Marín- López, D. Díaz-Sánchez, and R. Sánchez-Guerrero, "A Metric-Based Approach to Assess Risk for "On Cloud"' Federated Identity Management", Journal of Network and Systems Management, Vol. 20, no. 4, 2012, pp. 513-533
16. P. Harsh, Y. Jegou, R. Cascella, and C. Morin, "Contrail virtual execution platform challenges in being part of a cloud federation", Proc. 4th ServiceWave, 2011, pp. 50-61
17. R. Buyya, R. Ranjan, and R. Calheiros, "InterCloud: Utility-Oriented Federation of Cloud Computing Environments for Scaling of Application Services", Algorithms and Architectures for Parallel Processing, Vol. 6081, Springer, 2010, pp. 13-31
18. D. Catteddu and G. Hogben, "Cloud Computing: benefits, risks and recommendations for information security", Technical Report. European Network and Information Security Agency, 2009
19. B. Farroha and D. Farroha, "Challenges of operationalizing dynamic system access control: Transitioning from ABAC to RAdAC", Proc. SysCon, March 2012, pp. 1-7
20. F. Salim, J. F. Reid, and E. Dawson, "Towards authorisation models for secure information sharing: a survey and research agenda." The ISC International Journal of Information Security, Vol. 2, 2010
21. B. McQuaide, "Identity and Access Management", Information Systems Control Journal, Vol. 4, ISACA, 2003
22. JASON Program Office, "Horizontal Integration: Broader Access Models for Realizing Information Dominance", Technical Report. MITRE Corporation, December 2004
23. D. W. Britton and I. A. Brown, "A Security Risk Measurement for the RAdAC Model.", Naval Postgradute School Thesis, 2007
24. Q. Wang and H. Jin, "Quantified risk-adaptive access control for patient privacy protection in health information systems", Proc. 6th ASIACCS, 2011, pp. 406-410
25. Y. Li, H. Sun, Z. Chen, J. Ren, and H. Luo, "Using Trust and Risk in Access Control for Grid Environment", Proc. SECTECH, 2008, pp. 13-16
26. R. A. Shaikh, K. Adi, and L. Logrippo, "Dynamic risk-based decision methods for access control systems", Computers & Security, Elsevier, Vol. 31, no. 4, 2012, pp. 447-464
27. I. Molloy, P. Cheng, and P. Rohatgi, "Trading in risk: using markets to improve access control", Proc. NSPW, 2008, pp. 107-125
28. D. N. Sriram, "Federated Identity Management in Intercloud", Der Technischen Universität München Thesis, January 2013
29. R. Lepro, "Cardea: Dynamic Access Control in Distributed Systems", Technical Report, NASA, November 2003
30. A. Ferreira et al., "How to Securely Break into RBAC: The BTG-RBAC Model", Proc. ACSAC '09, 2009, pp. 23-31
31. L. Zhang, A. Brodsky, and S. Jajodia, "Toward information sharing: benefit and risk access control (BARAC)", Proc. 7th IEEE POLICY, 2006, pp. 9-53
32. H. Lee, I. Jeun, and H. Jung, "Criteria for evaluating the privacy protection level of identity management services", Proc. SECURWARE, 2009, p. 155-160
33. J. Tigli, S. Lavirotte, G. Rey, V. Hourdin, and M. Riveill, "Context-aware Authorization in Highly Dynamic Environments", International Journal of Computer Science Issues, Vol. 4, no. 1, 2009, pp. 24-35