Foundations for Designing, Defining, Validating and Executing Access Control Policies in Cloud Environments
Foundations for Designing, Defining, Validating and Executing Access Control Policies in Cloud Environments
No Thumbnail Available
Date
2017-09
Authors
Veloudis, Simeon
Paraskakis, I.
Petsos, Christos
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
By embracing cloud computing enterprises are able to boost their agility and productivity whilst realising significant cost savings. However, due to security and privacy concerns, many enterprises are reluctant to migrate their data and operations to the cloud. One way to alleviate these concerns is to devise access control policies that infuse suitable security controls into cloud services. Nevertheless, the complexity inherent in such policies, stemming from the dynamic nature of cloud environments, calls for a framework that provides assurances with respect to the effectiveness of the policies. In this respect, this work proposes a class of constraints, the so-called well-formedness constraints, that provide such assurances by empowering stakeholders to harness the attributes of the policies. Both the policies and the constraints are expressed ontologically hence enabling automated reasoning about the abidance of the policies with the constraints.
Description
Keywords
Citation
Veloudis, S., Paraskakis, I., Petsos, C. (2017). Foundations for Designing, Defining, Validating and Executing Access Control Policies in Cloud Environments. In: De Paoli, F., Schulte, S., Broch Johnsen, E. (eds) Service-Oriented and Cloud Computing. ESOCC 2017. Lecture Notes in Computer Science(), vol 10465. Springer, Cham. https://doi.org/10.1007/978-3-319-67262-5_6