A Multi-Tenant Usage Access Model for Cloud Computing 被引量：1

下载PDF

导出

摘要 Most cloud services are built with multi-tenancy which enables data and configuration segregation upon shared infrastructures.It offers tremendous advantages for enterprises and service providers.It is anticipated that this situation will evolve to foster cross-tenant collaboration supported by Authorization as a service.To realize access control in a multi-tenant cloud computing environment,this study proposes a multi-tenant cloud computing access control model based on the traditional usage access control model by building trust relations among tenants.The model consists of three sub-models,which achieve trust relationships between tenants with different granularities and satisfy the requirements of different application scenarios.With an established trust relation in MT-UCON(Multi-tenant Usage Access Control),the trustee can precisely authorize cross-tenant accesses to the trustor’s resources consistent with constraints over the trust relation and other components designated by the trustor.In addition,the security of the model is analyzed by an information flow method.The model adapts to the characteristics of a dynamic and open multi-tenant cloud computing environment and achieves fine-grained access control within and between tenants.

作者 Zhengtao Liu Yun Yang Wen Gu Jinyue Xia

机构地区 School of Computer Science and Engineering International Business Machines Corporation(IBM)

出处《Computers, Materials & Continua》 SCIE EI 2020年第8期1233-1245,共13页 计算机、材料和连续体（英文）

关键词 Multi-tenant usage access control model cloud computing

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献3

1初晓博,秦宇.一种基于可信计算的分布式使用控制系统[J].计算机学报,2010,33(1):93-102. 被引量：21
2冯朝胜,秦志光,袁丁,卿昱.云计算环境下访问控制关键技术[J].电子学报,2015,43(2):312-319. 被引量：52
3Qiong zuo,Meiyi XIE,Guanqiu QI,Hong ZHU.Tenant-based access control model for multi-tenancy and sub-tenancy architecture in Software-as-a-Service[J].Frontiers of Computer Science,2017,11(3):465-484. 被引量：3

二级参考文献25

1Park J, Sandhu R. The UCONABC usage control model. ACM Transactions on Information and System Security,2004, 7(1): 128- 174.
2Hilty M, Pretschner A, Basin D, Schaefer D, Waiter T. A policy language for distributed usage control//Proceedings of the European Symposium on Research in Computer Security (ESORICS). Dresden, 2007:531-546.
3Pretschner A, Hilty M, Basin D. Distributed usage control. Communications of the ACM, 2006, 49(9):39-44.
4Sailer R, Zhange X L, Jaeger T, Doorn L V. Design and implementation of a TCG-based integrity measurement architecture//Proceedings of the 13th USENIX Security Symposium. San Diego, 2004: 223-238.
5Jaeger T, Sailer R, Shankar U. PRIMA: Policy- reduced integrity measurement architecture//Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT). Lake Tahoe, 2006: 19-28.
6Chen L Q, Lohr H, Manulis M, Sadeghi A R. Propertybased attestation without a trusted third party//Proceedings of the Information Security Conference(ISC). Taipei, China, 2008:31-46.
7Brickell E, Camenisch J, Chen L Q. Direct anonymous attestation//Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004). Washington. D.C., 2004:132-145.
8Chen L, Landfermann R, Lohr H, Rohe M, Sadeghi A, Stuble C. A protocol for property-based attestation//Proceedings of the 2006 ACM Workshop on Scalable Trusted Computing(STC), Alexandria, 2006:7-16.
9Kyle D, Brustoloni J C. UCLinux: A Linux security module for trusted computing based usage controls enforcement// Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing(STC). Alexandria, 2007:63 -70.
10Wright C, Cowan C, Smalley S, Morris J, Hartman G K. Linux security modules: General security support for the Linux kernel//Proceedings of the 11th USENIX Security Symposium. Berkeley, 2002:17 -31.

共引文献72

1吕井华,马兆丰,张德栋,闫玺玺.基于UCON模型的移动数字出版版权保护系统研究与设计[J].计算机科学,2012,39(S3):6-8. 被引量：2
2安俊秀.基于服务器集群的云检索系统的研究与示范[J].计算机科学,2010,37(7):179-182. 被引量：7
3杨传顺,王学万.实时数据分发系统的服务质量控制的研究[J].计算机技术与发展,2011,21(5):231-234. 被引量：8
4冯登国,秦宇,汪丹,初晓博.可信计算技术研究[J].计算机研究与发展,2011,48(8):1332-1349. 被引量：116
5鲁剑锋,刘华文,王多强.访问控制策略的分类方法研究[J].武汉理工大学学报（信息与管理工程版）,2011,33(6):878-882. 被引量：5
6李凤华,苏铓,史国振,马建峰.访问控制模型研究进展及发展趋势[J].电子学报,2012,40(4):805-813. 被引量：128
7杨明华,陶灵姣,杨斌,杨银刚,程宾.高可信容错计算机系统设计与应用研究[J].计算机工程,2012,38(15):237-239. 被引量：3
8王茜,朱志祥,葛新,杜迟.应用于云计算中心的虚拟主机安全防护系统[J].计算机技术与发展,2014,24(3):134-137. 被引量：6
9池亚平,丁正光,蒲钰.基于LDAP的云平台身份管理方案的设计与实现[J].北京电子科技学院学报,2017,25(2):66-72. 被引量：1
10苏恒阳.基于能耗指导分布式网络分簇路由优化设计[J].控制工程,2014,21(4):554-558. 被引量：4

同被引文献7

1李晓娜,李庆忠,孔兰菊,庞成.基于共享模式的SaaS多租户数据划分机制研究[J].通信学报,2012,33(S1):110-120. 被引量：11
2Li Yang,Yu Song.The Key Technologies Method of Heterogeneous Data Exchange Layer in Distribution Network Based on SOA[J].通讯和计算机（中英文版）,2012,9(6):649-652. 被引量：1
3LI Fuliang,AN Changqing,YANG Jiahai,WU Jianping,WANG Xingwei,XU Linchuan,XU Xin.Data Mapping Principles and Algorithm for Self-Configurable Systems[J].China Communications,2015,12(10):169-181. 被引量：4
4王倩宜,欧阳荣彬,龙新征.SaaS云服务环境下的管理信息系统方案研究[J].华东师范大学学报（自然科学版）,2015(6):134-142. 被引量：8
5张雅文,刘春霞,党伟超,白尚旺.面向SaaS应用基于多宽表模式的多租户索引研究[J].计算机应用与软件,2018,35(7):63-68. 被引量：2
6过晓娇,田钟晓.一种基于SaaS平台的轻量级多租户数据存储模式设计与实现[J].电脑编程技巧与维护,2023(5):80-82. 被引量：3
7付国宝,宋兴云,赵仁宏.一种基于中台技术的数据治理解决方案[J].上海船舶运输科学研究所学报,2023,46(3):42-46. 被引量：2

引证文献1

1丁洪翔,赵卓峰.一种适于跨租户数据共享的多租户数据存储模式[J].南京大学学报（自然科学版）,2024,60(3):491-501.

1Zhengtao Liu,Yi Ying,Yaqin Peng,Jinyue Xia.A Temporal Multi-Tenant RBAC Model for Collaborative Cloud Services[J].Computers, Materials & Continua,2020(5):861-871.
2Hyenho Lho,Rahul Pandharipande.Holomorphic Anomaly Equations for the Formal Quintic[J].Peking Mathematical Journal,2019,2(1):1-40.
3Changji Wang,Yuan Yuan.An Efficient Ciphertext-Policy Attribute-Based Encryption Scheme with Policy Update[J].Computers, Materials & Continua,2020(5):1031-1041. 被引量：1
4Fengrui Liu,Wanting Yao,Xinhong Shi,Libin Zhao,Jianyu Zhang.Bearing Failure Optimization of Composite Double-Lap Bolted Joints Based on a Three-Step Strategy Marked By Feasible Region Reduction and Model Decoupling[J].Computers, Materials & Continua,2020(2):977-999. 被引量：1
5Ruian TIE,Chunxiang SHI,Gang WAN,Xingjie HU,Lihua KANG,Lingling GE.CLDASSD:Reconstructing Fine Textures of the Temperature Field Using Super-Resolution Technology[J].Advances in Atmospheric Sciences,2022,39(1):117-130. 被引量：2

Computers, Materials & Continua

2020年第8期

浏览历史

内容加载中请稍等...