Open AccessAmusa
Author(s) -
Maarten Decat,
Jasper Bogaerts,
Bert Lagaisse,
Wouter Joosen
Publication year - 2015
Publication title -
lirias (ku leuven)
Language(s) - English
Resource type - Conference proceedings
ISBN - 978-1-4503-3196-8
DOI - 10.1145/2695664.2695708
Subject(s) - computer science , software as a service , multitenancy , access control , cloud computing , service provider , computer security , middleware (distributed applications) , overhead (engineering) , role based access control , software , service (business) , database , operating system , software development , economy , economics
Software-as-a-service (SaaS) has been a growing trend in cloud computing for several years. Moreover, SaaS providers are evolving to application-level multi-tenancy, in which all tenants share the application instances, platform and data store with the aim of maximizing resource sharing. For multi-tenant SaaS applications, access control often is the only application-level security mechanism. However, such access control is inherently complex because both the pro\-vider and all tenants should be able to specify their access rules for the application. Moreover, these rules must all be securely combined and correctly enforced in the shared multi-tenant application. To address this challenge, we present the Amusa access control middleware. Amusa enables both the provider and all its tenants to efficiently declare their access rules on the SaaS application. To achieve this, Amusa provides incremental three-layered management based on attribute-based tree-structured policies. Afterwards, Amusa securely combines the access rules of all parties and enforces them at run-time with low performance overhead.status: publishe
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom