Hierarchical multi-tenancy, which enables tenants to be divided into subtenants, is a flexible and scalable architecture for representing subsets of users and application resources in the real world. However, the resource isolation and sharing relations for tenants with hierarchies are more complicated than those between tenants in the flat Multi-Tenancy Architecture. In this paper, a hierarchical tenant-based access control model based on Administrative Role-Based Access Control in Softwareas-a-Service is proposed. Autonomous Areas and AA-tree are used to describe the autonomy and hierarchy of tenants, including their isolation and sharing relationships. AA is also used as an autonomous unit to create and deploy the access permissions for tenants. Autonomous decentralized authorization and authentication schemes for hierarchical multi-tenancy are given out to help different level tenants to customize efficient authority and authorization in large-scale SaaS systems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.