Abstract
The most recent advancements in cloud computing, highlight the need for supporting deployments on virtualised resources bounded to the data-intensive application requirements and not limited by the strict boundaries of each available cloud provider. Towards this direction, one important challenge is the appropriate protection of the software infrastructure used for automatically performing application components deployment over multi-clouds. Specifically, we discuss the requirements and introduce a novel attribute-based access control mechanism, able to cope with potential cybersecurity threats that may compromise the deployment of multi-cloud applications. We attempt to tackle the authorization issues from two different perspectives; namely, coping with the “access control” to various platform components and the “pre-authorization” of application deployment and data placement actions using multiple cloud providers.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Verginadis, Y., Patiniotakis, I., Mentzas, G.: Metadata schema for data-aware multi-cloud computing. In: INISTA, pp. 1–9. IEEE (SMC) (2018)
Horn, G., Skrzypek, P.: MELODIC: utility based cross cloud deployment optimisation. In: Proceedings of the 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA) (2018). https://doi.org/10.1109/waina.2018.00112
CSA: The Treacherous 12 - Cloud Computing Top Threats in 2016. https://cloudsecurityalliance.org/group/top-threats
Verginadis, Y., Michalas, A., Gouvas, P., Schiefer, G., Hübsch, G., Paraskakis, I.: PaaSword: a holistic data privacy and security by design framework for cloud services. J. Grid Comput. 1–16 (2017). https://doi.org/10.1007/s10723-017-9394-2
Decker, M.: Modelling of location-aware access control rules. In: Maria Cruz-Cunha, F.M. (ed.), Handbook of Research on Mobility and Computing: Evolving Technologies and Ubiquitous Impacts, Information Science Reference, Hershey, PA, USA, 2011, incollection 57, pp. 912–929 (2011)
Hu, V.C., Ferraiolo, D., Kuhn, R., Friedman, A.R., Lang, A.J., Cogdell, M.M., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Special Publication 800, 162 (2013)
Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-based access control (RBAC): features and motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp. 241–248 (1995)
Ferraiolo, D., Chandramouli, R., Kuhn, R., Hu, V.: Extensible access control markup language (XACML) and next generation access control (NGAC). In: Proceedings of the ACM International Workshop on Attribute Based Access Control, pp. 13–24. ACM (2016)
Garcia-Alfaro, J., Navarro-Arribas, G.: Prevention of cross-site scripting attacks on current web applications. In: OTM Confederated International Conferences on the Move to Meaningful Internet Systems, pp. 1770–1784. Springer (2007)
Abowd, G.D., Dey, A.K., Brown, P.J., Davies, N., Smith, M., Steggles, P.: Towards a better understanding of context and context-awareness. In: International Symposium on Handheld and Ubiquitous Computing, pp. 304–307. Springer (1999)
Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C., Loingtier, J., M., Irwin, J.: Aspect-oriented programming. In: European conference on object-oriented programming, pp. 220–242. Springer (1997)
Acknowledgments
The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 731664. The authors would like to thank the partners of the MELODIC project (http://www.melodic.cloud/) for their valuable advices and comments.
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Verginadis, Y., Patiniotakis, I., Mentzas, G. (2019). A Context-Aware Service for Authorizing Multi-cloud Deployments. In: Barolli, L., Takizawa, M., Xhafa, F., Enokido, T. (eds) Web, Artificial Intelligence and Network Applications. WAINA 2019. Advances in Intelligent Systems and Computing, vol 927. Springer, Cham. https://doi.org/10.1007/978-3-030-15035-8_98
Download citation
DOI: https://doi.org/10.1007/978-3-030-15035-8_98
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-15034-1
Online ISBN: 978-3-030-15035-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)