On the Definition of Access Control Requirements for Grid and Cloud Computing Systems

Abstract: Abstract. The emergence of grid and cloud computing systems has introduced new security concepts, so it requires new access control approaches. Traditional systems engineering processes can be enriched with helper approaches that can facilitate the definition of access control requirements in such complex environments. Looking towards a holistic approach on the definition of access control requirements, we propose a four-layer conceptual categorization. In addition, an example is given so that to demonstrate t… Show more

“…Figure 2 illustrates the proposed methodology in a system development process that consists of the stages of requirements engineering, systems' design and verification. We propose for the stage of requirements engineering to apply the Conceptual Categorization (CC) [3] and during verification to apply model checking techniques. CC is capable of tailoring the requirements engineering through a re-engineering process.…”

“…Concerning the requirements engineering stage, we choose to apply the CC that is proposed in [3], which is a layered approach for the definition and evaluation of security requirements for modern collaborative systems, as the Cloud. In brief, CC is based on four abstraction layers.…”

“…In this section, we demonstrate the proposed methodology by recalling the application of CC on a generic Cloud environment to evaluate and enhance the Role-Based Access Control (RBAC) model [3]. A new produced AC model entitled domRBAC [18] is evaluated in the context of CC.…”

“…Users from companies A and B can request capabilities from their local domain, collaborate with other users, manage their data and request on demand the use of services. The application of CC concludes to the following [3]:…”

“…To manage the increased complexity of AC systems, system engineering processes are applied. Nevertheless, generic approaches can be enhanced to facilitate the definition of access control requirements in Cloud environments as presented in [3]. Additionally, a common stage in the development of a system is its verification, where a system can be verified for its correctness.…”

A Methodology for the Development and Verification of Access Control Systems in Cloud Computing

“…Figure 2 illustrates the proposed methodology in a system development process that consists of the stages of requirements engineering, systems' design and verification. We propose for the stage of requirements engineering to apply the Conceptual Categorization (CC) [3] and during verification to apply model checking techniques. CC is capable of tailoring the requirements engineering through a re-engineering process.…”

“…Concerning the requirements engineering stage, we choose to apply the CC that is proposed in [3], which is a layered approach for the definition and evaluation of security requirements for modern collaborative systems, as the Cloud. In brief, CC is based on four abstraction layers.…”

“…In this section, we demonstrate the proposed methodology by recalling the application of CC on a generic Cloud environment to evaluate and enhance the Role-Based Access Control (RBAC) model [3]. A new produced AC model entitled domRBAC [18] is evaluated in the context of CC.…”

“…Users from companies A and B can request capabilities from their local domain, collaborate with other users, manage their data and request on demand the use of services. The application of CC concludes to the following [3]:…”

“…To manage the increased complexity of AC systems, system engineering processes are applied. Nevertheless, generic approaches can be enhanced to facilitate the definition of access control requirements in Cloud environments as presented in [3]. Additionally, a common stage in the development of a system is its verification, where a system can be verified for its correctness.…”

A Methodology for the Development and Verification of Access Control Systems in Cloud Computing

Security for Cloud Storage Systems

Introduction