Regresar

Enhance openstack access control via policy enforcement based on XACML

Abstract:

The cloud computing is driving the future of internet computation, and evolutes the concepts from software to infrastructure. OpenStack is one of promising open-sourced cloud computing platforms. The active developer community and worldwide partners make OpenStack as a booming cloud ecosystem. In OpenStack, it supports JSON file based access control for user authorization. In this paper, we introduce a more powerful and complex access control method, XACML access control mechanism in OpenStack. XACML is an approved OASIS standard for access control language, with the capability of handling all major access control models. It has numerous advantages for nowadays cloud computing environment, include fine-grained authorization policies and implementation independence. This paper puts forward a XACML access control solution in OpenStack, which has Policy Enforcement Point (PEP) embedded in OpenStack cloud service and a XACML engine server with policy storage database. Our implementation allows OpenStack users to choose XACML as an access control method of OpenStack and facilitate the management work on policies. Copyright © 2014 SCITEPRESS - Science and Technology Publications.

Año de publicación:

2014

Keywords:

  • authorization
  • CLOUD COMPUTING
  • OpenStack
  • Access Control
  • XACML
  • security

Fuente:

scopusscopus

Tipo de documento:

Conference Object

Estado:

Acceso restringido

Áreas de conocimiento:

  • Computación en la nube
  • Ciencias de la computación

Áreas temáticas:

  • Programación informática, programas, datos, seguridad
  • Pinophyta
  • Métodos informáticos especiales

Contribuidores:

Tapiador A.Tapiador A.
Joaquín SalvachúaJoaquín Salvachúa
Wei H.Wei H.