A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification
Download as PPTX, PDF3 likes827 views
This document proposes a Cross Tenant Access Control model for cloud computing. It specifies a cloud resource mediation service that acts as a trusted third party to facilitate secure resource sharing between tenants. Formal specifications and verification are provided for permission activation and delegation algorithms that govern resource access between tenants. The model addresses limitations of traditional access control for cross-tenant resource sharing in cloud environments.
A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification
- 1. A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification
- 2. ABSTRACT • Sharing of resources on the cloud can be achieved on a large scale since it is cost effective and location independent. • Despite the hype surrounding cloud computing, organizations are still reluctant to deploy their businesses in the cloud computing environment due to concerns in secure resource sharing.
- 3. CONTI.. • In this paper, we propose a cloud resource mediation service offered by cloud service providers, which plays the role of trusted third party among its different tenants. • This paper formally specifies the resource sharing mechanism between two different tenants in the presence of our proposed cloud resource mediation service. • The correctness of permission activation and delegation mechanism among different tenants using four distinct algorithms (Activation, Delegation,Forward Revocation and Backward Revocation) is also demonstrated using formal verification.
- 4. EXISTING SYSTEM • Traditional access control models, such as role based access control, are generally unable to adequately deal with cross-tenant resource access requests. • However, takes the decidability problem as first order logic formula and decides its satisfiability based on the decidable background theory. • The SMT-Lib provides a common input platform for a number of solvers used in the verification of systems. Behavioral specifications of a system can also be represented using abstract models.
- 5. PROPOSED SYSTEM • We present a CTAC model for collaboration, and the CRMS to facilitate resource sharing amongst various tenants and their users. • We also present four different algorithms in the CTAC model, namely: activation, delegation, forward revocation and backward revocation. • Role based access control (RBAC) enables fine- grained access control (and generally in a single domain). Different extensions of RBAC have been proposed in the literature to support multi- domain access control.
- 6. SYSTEM REQUIREMNTS • HARDWARE REQUIREMENS • System : Pentium IV 2.4 GHz. • Hard Disk : 80 GB. • Ram : 1 GB. • SOFTWARE REQURIEMENTS • Operating system : Windows 7. • Coding Language: : C# • IDE : VISUAL STUDIO • Database : MS-SQLSERVER
- 7. CONCLUSTION • In this paper, we proposed a cross-tenant cloud resource mediation service (CRMS), which can act as a trusted-third party for fine- grained access control in a cross-tenant environment. • We also presented a formal model CTAC with four algorithms designed to handle the requests for permission activation.