Research and implementation on access control of management-type SaaS

Xu, Jing; Tang, Jian; He, Donghua; Liu, Zan; Chen, Lin; Niu, Fujun

doi:10.1109/icime.2010.5477832

Cited by 5 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…自主访问控制(DAC) [2] 、强制访问控制(MAC) [3] 、基于角色的访问控制(RBAC) [4] 。但对于 SaaS 模式来说，不管是安全性还是可管理性，已有的访问控制方法都不能够很好地适用,所以需要根据 SaaS 模型的特点提出新的访问控制模型。目前，国内外学者对此问题已经做出了相关研究，Jing Xu 等人通过禁用 RBAC 模型角色间的继承关系来防止角色间的权限继承，从而防止权限扩散的危险，达到安全的访问控制 [5] 。Yuri …”

Section: 基于租户的访问控制模型 T-arbacunclassified

基于租户的访问控制模型T-ARBAC<br>A Tenant-Based Access Control Model T-Arbac

进¹

2013

CSA

View full text Add to dashboard Cite

SaaS service model not only greatly reduces the cost of enterprises, improves business efficiency, but also improves the management level of enterprises and accelerates the pace of innovation. However, it is an unavoidable problem that how to protect data for tenants when the data stored in the SP (service provider) data storage platform. And as the big amount of users in the platform, we also have to take management of user into consideration. This paper designed a new access control model T-ARBAC (Tenant-Administrative Role Based Access Control), combined with rolebased access control (RBAC) model, to support multi-tenant access control and facilitate the management of SaaS platform, meeting the requirements of diversity of tenant roles and independent access of coexisting data.

show abstract

Section: 基于租户的访问控制模型 T-arbacunclassified

基于租户的访问控制模型T-ARBAC<br>A Tenant-Based Access Control Model T-Arbac

进¹

2013

CSA

View full text Add to dashboard Cite

show abstract

“…Xu et al [9] propose a new hierarchical access control model for the SaaS model. Their model adds higher levels to the access control policy hierarchy to be able to capture new roles such as service providers' administrators (super and regional) and tenants' administrators.…”

Section: Related Workmentioning

confidence: 99%

TOSSMA: A Tenant-Oriented SaaS Security Management Architecture

Almorsy

Grundy

Ibrahim

2012

2012 IEEE Fifth International Conference on Cloud Computing

View full text Add to dashboard Cite

Multi-tenancy helps service providers to save costs, improve resource utilization, and reduce service customization and maintenance time by sharing of resources and services. On the other hand, supporting multi-tenancy adds more complexity to the shared application's required capabilities. Security is a key requirement that must be addressed when engineering new SaaS applications or when re-engineering existing applications to support multi-tenancy. Traditional security (re)engineering approaches do not fit with the multitenancy application model where tenants and their security requirements emerge after the system was first developed. Enabling, runtime, adaptable and tenant-oriented application security customization on single service instance is a key challenging security goal in multi-tenant application engineering. In this paper we introduce TOSSMA, a Tenant-Oriented SaaS Security Management Architecture. TOSSMA allows service providers to enable their tenants in defining, customizing and enforcing their security requirements without having to go back to application developers for maintenance or security customizations. TOSSMA supports security management for both new and existing systems. Service providers are not required to write security integration code to use a specific security platform or mechanism. In this paper, we describe details of our approach and architecture, our prototype implementation of TOSSMA, give a usage example of securing a multi-tenant SaaS, and discuss our evaluation experiments of TOSSMA.

show abstract

“…Literature [5] adopted a layered approach and proposed an access control method for SaaS platform on the basis of RBAC. Literature [6] also proposed an access control method for SaaS platform; this method disabled the role of inheritance and showed the user the accessing processes by UML diagram, but roles and tenants were in a multi-to-multi relationship and they might easily suffer from conflicts. A multi-tenant access control model was introduced in literature [7], but could not achieve role inheritance on the level of tenant.…”

Section: Introductionmentioning

confidence: 99%

Research on Web Service-Oriented Access Control Model

Liu

Zhang

2014

AMR

View full text Add to dashboard Cite

Access control is an important technique which is used to protect system resources from damage by unauthorized users. With the advantage of web services, the access control module was released as web services interfaces. In order to control accessing to system resources and take advantage of web services,this paper proposes the web service-oriented access control (WSOAC) model. The development of access control is firstly introduced; after that the authors describe this model with two levels—platform and tenant and then present the execution process. At last, the paper summarizes the characteristics of the model and the next step.

show abstract

Research and implementation on access control of management-type SaaS

Cited by 5 publications

References 9 publications

基于租户的访问控制模型T-ARBAC<br>A Tenant-Based Access Control Model T-Arbac

基于租户的访问控制模型T-ARBAC<br>A Tenant-Based Access Control Model T-Arbac

TOSSMA: A Tenant-Oriented SaaS Security Management Architecture

Research on Web Service-Oriented Access Control Model

Contact Info

Product

Resources

About