Semantically Rich, Context Aware Access Control for Openstack
2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC)(2018)
摘要
In an open source cloud computing platform such as OpenStack, operators use Role-Based Access Control (RBAC) model to grant access to cloud resources. However, these user-level role-based access control techniques fail to include comprehensive user context. We believe a situational aware framework will improve security by bringing in user's context to such cloud systems. In this paper, we create a semantically rich context-sensitive access control system for OpenStack by incorporating the user's current context attributes like location, time, etc. In a proof-of-concept implementation, we integrate a knowledge graph with our own access control system to express and enforce the contextual-situation policies in OpenStack. The proposed system provides enhanced, flexible access control while minimizing the overhead of altering the existing access control framework. We also discuss various use cases, to highlight the benefits of our system and show enforcement results.
更多查看译文
关键词
Cybersecurity, Access Control, Knowledge Graphs, OpenStack, Contextual Attributes
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络