Skip to main content

A Context-Aware Service for Authorizing Multi-cloud Deployments

  • Conference paper
  • First Online:
Web, Artificial Intelligence and Network Applications (WAINA 2019)

Abstract

The most recent advancements in cloud computing, highlight the need for supporting deployments on virtualised resources bounded to the data-intensive application requirements and not limited by the strict boundaries of each available cloud provider. Towards this direction, one important challenge is the appropriate protection of the software infrastructure used for automatically performing application components deployment over multi-clouds. Specifically, we discuss the requirements and introduce a novel attribute-based access control mechanism, able to cope with potential cybersecurity threats that may compromise the deployment of multi-cloud applications. We attempt to tackle the authorization issues from two different perspectives; namely, coping with the “access control” to various platform components and the “pre-authorization” of application deployment and data placement actions using multiple cloud providers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://traefik.io/.

  2. 2.

    http://spring.io/projects/spring-boot.

  3. 3.

    http://tomcat.apache.org/.

  4. 4.

    https://www.eclipse.org/jetty/.

References

  1. Verginadis, Y., Patiniotakis, I., Mentzas, G.: Metadata schema for data-aware multi-cloud computing. In: INISTA, pp. 1–9. IEEE (SMC) (2018)

    Google Scholar 

  2. Horn, G., Skrzypek, P.: MELODIC: utility based cross cloud deployment optimisation. In: Proceedings of the 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA) (2018). https://doi.org/10.1109/waina.2018.00112

  3. CSA: The Treacherous 12 - Cloud Computing Top Threats in 2016. https://cloudsecurityalliance.org/group/top-threats

  4. Verginadis, Y., Michalas, A., Gouvas, P., Schiefer, G., Hübsch, G., Paraskakis, I.: PaaSword: a holistic data privacy and security by design framework for cloud services. J. Grid Comput. 1–16 (2017). https://doi.org/10.1007/s10723-017-9394-2

  5. Decker, M.: Modelling of location-aware access control rules. In: Maria Cruz-Cunha, F.M. (ed.), Handbook of Research on Mobility and Computing: Evolving Technologies and Ubiquitous Impacts, Information Science Reference, Hershey, PA, USA, 2011, incollection 57, pp. 912–929 (2011)

    Google Scholar 

  6. Hu, V.C., Ferraiolo, D., Kuhn, R., Friedman, A.R., Lang, A.J., Cogdell, M.M., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Special Publication 800, 162 (2013)

    Google Scholar 

  7. Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-based access control (RBAC): features and motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp. 241–248 (1995)

    Google Scholar 

  8. Ferraiolo, D., Chandramouli, R., Kuhn, R., Hu, V.: Extensible access control markup language (XACML) and next generation access control (NGAC). In: Proceedings of the ACM International Workshop on Attribute Based Access Control, pp. 13–24. ACM (2016)

    Google Scholar 

  9. Garcia-Alfaro, J., Navarro-Arribas, G.: Prevention of cross-site scripting attacks on current web applications. In: OTM Confederated International Conferences on the Move to Meaningful Internet Systems, pp. 1770–1784. Springer (2007)

    Google Scholar 

  10. Abowd, G.D., Dey, A.K., Brown, P.J., Davies, N., Smith, M., Steggles, P.: Towards a better understanding of context and context-awareness. In: International Symposium on Handheld and Ubiquitous Computing, pp. 304–307. Springer (1999)

    Google Scholar 

  11. Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C., Loingtier, J., M., Irwin, J.: Aspect-oriented programming. In: European conference on object-oriented programming, pp. 220–242. Springer (1997)

    Google Scholar 

Download references

Acknowledgments

The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 731664. The authors would like to thank the partners of the MELODIC project (http://www.melodic.cloud/) for their valuable advices and comments.

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Yiannis Verginadis , Ioannis Patiniotakis or Gregoris Mentzas .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Verginadis, Y., Patiniotakis, I., Mentzas, G. (2019). A Context-Aware Service for Authorizing Multi-cloud Deployments. In: Barolli, L., Takizawa, M., Xhafa, F., Enokido, T. (eds) Web, Artificial Intelligence and Network Applications. WAINA 2019. Advances in Intelligent Systems and Computing, vol 927. Springer, Cham. https://doi.org/10.1007/978-3-030-15035-8_98

Download citation

Publish with us

Policies and ethics