A Multi-Tenant RBAC Model for Collaborative Cloud Services. Bo Tang, Qi Li and Ravi Sandhu. Presented by Bo Tang at the 11th International Conference on Privacy, Security and Trust (PST), July 12, 2013, Tarragona, Spain. PowerPoint presentation transcript.
![Page 1: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/1.jpg)
Institute for Cyber Security
A Multi-Tenant RBAC Model for Collaborative Cloud Services
Bo Tang, Qi Li and Ravi Sandhu
Presented by Bo Tang at
The 11th International Conference on Privacy, Security and Trust (PST)
July 12, 2013, Tarragona, Spain
© ICS at UTSA. World-Leading Research with Real-World Impact!
![Page 2: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/2.jpg)
OUTLINE
- Introduction and Background
- A Family of Multi-Tenant RBAC (MT-RBAC) Models
  o MT-RBAC0,1,2
  o Administrative MT-RBAC (AMT-RBAC) model
  o Constraints
- Prototype Implementation and Evaluation
- Related Work
- Conclusion and Future Work
![Page 3: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/3.jpg)
OUTLINE
![Page 4: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/4.jpg)
Cloud Computing
Shared infrastructure [$$$] -----> [$|$|$]
Multi-Tenancy: virtually dedicated resources
Drawbacks: data locked-in
  o Collaborations can only be achieved through the desktop.
  o E.g.: create/edit Word documents in Dropbox.
How to collaborate in the cloud?
Source: http://blog.box.com/2011/06/box-and-google-docs-accelerating-the-cloud-workforce/
![Page 5: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/5.jpg)
Motivation
C1. Charlie as a developer in OS has to access the source code stored in Dev.E to perform his out-sourcing job;
C2. Alice as an auditor in AF requires read-only access to financial reports stored in Acc.E; and
C3. Alice needs read-only access to Dev.E and Dev.OS in order to audit the out-sourcing project.
![Page 6: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/6.jpg)
Industry Solutions
- Microsoft and IBM: fine-grained data sharing in SaaS using DB schema
  o Only feasible in DB
- NASA: RBAC + OpenStack (Nebula)
  o Lacks ability to support multi-org collaborations
- Salesforce (Force.com): Single Sign-On + SAML
  o Focus on authentication and simple authorization
  o Heavy management of certificates
Sources:
http://msdn.microsoft.com/en-us/library/aa479086.aspx
http://nebula.nasa.gov/blog/2010/06/03/nebulas-implementation-role-based-access-control-rbac/
http://wiki.developerforce.com/page/Single_Sign-On_with_SAML_on_Force.com
![Page 7: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/7.jpg)
OUTLINE
![Page 8: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/8.jpg)
MT-RBAC
![Page 9: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/9.jpg)
Trust Model
[Diagram: Tenant A and Tenant B, each holding its own AuthStmts and Resources; a User in Tenant A reaches Tenant B's resources only along the "If B trusts A" path, not along the "If no trust" path.]
If B (resource owner) trusts A, then A can assign
  o B's permissions to A's roles; and
  o B's roles as junior roles to A's roles.
CanUse(rB) = {A, B, …}
![Page 10: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/10.jpg)
MT-RBAC0,1,2
![Page 11: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/11.jpg)
AMT-RBAC
![Page 12: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/12.jpg)
AMT-RBAC (Contd.)
![Page 13: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/13.jpg)
Constraints
- Cyclic Role Hierarchy: leads to implicit role upgrades in the role hierarchy
- SoD: conflict of duties
  o Tenant-level. E.g.: SOX-compliant companies may not hire the same company for both consulting and auditing.
  o Role-level, across tenants
- Chinese Wall: conflict of interests among tenants. E.g.: do not share infrastructure with competitors.
[Diagram: Tenant 1 with roles E1 and E2, Tenant 2 with roles M1 and M2, illustrating a cross-tenant role hierarchy.]
![Page 14: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/14.jpg)
OUTLINE
![Page 15: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/15.jpg)
Policy Specification of MT-RBAC2
user = "Charlie"; permission = "(read, /root/)%Dev.E"; tr = "Dev.E"; te = "Dev.OS"
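The trust rule of slide 9, the constraints of slide 13 and the policy example above can be exercised together in one small engine. The following is an added example, not code from the paper or its MTAaaS prototype: a toy in-memory MT-RBAC-style model in which a tenant's permissions and roles become usable by another tenant only after a trust statement (tr trusts te), a cross-tenant role hierarchy is refused when it would close a cycle, role-level SoD is checked over the inherited closure so that it works across tenants, and Chinese Wall is read as "a tenant may not be trusted by two competitors at once". The permission syntax "(op, obj)%owner" is taken from the slide; the class and method names, the role names such as developer@Dev.OS, the competitor tenant Dev.X and the conflict-class reading of Chinese Wall are my own assumptions.

```python
# Added example, not the paper's or the MTAaaS prototype's code. Role names,
# tenant Dev.X and the conflict-class reading of Chinese Wall are assumptions.
import re
from collections import defaultdict

PERM_RE = re.compile(r"^\((?P<op>[^,]+),\s*(?P<obj>[^)]+)\)%(?P<owner>\S+)$")


def parse_permission(text):
    """Turn "(read, /root/)%Dev.E" into ("read", "/root/", "Dev.E")."""
    m = PERM_RE.match(text.strip())
    if not m:
        raise ValueError(f"bad permission syntax: {text!r}")
    return m.group("op").strip(), m.group("obj").strip(), m.group("owner")


class MTRBAC:
    def __init__(self):
        self.trust = set()                  # (truster, trustee) tenant pairs
        self.role_tenant = {}               # role -> owning tenant
        self.role_perms = defaultdict(set)  # role -> {(op, obj, owner_tenant)}
        self.juniors = defaultdict(set)     # senior role -> its junior roles
        self.user_roles = defaultdict(set)  # user -> directly assigned roles
        self.sod = set()                    # frozensets of mutually exclusive roles
        self.conflict_classes = []          # Chinese Wall: sets of competing tenants

    def can_use(self, owner, tenant):
        """CanUse(owner's roles/permissions): the owner itself plus tenants it trusts."""
        return tenant == owner or (owner, tenant) in self.trust

    def add_trust(self, truster, trustee):
        """truster (tr, the resource owner) lets trustee (te) use its roles/permissions."""
        for cls in self.conflict_classes:  # Chinese Wall over the trust relation
            if truster in cls and any(o != truster and (o, trustee) in self.trust for o in cls):
                raise ValueError(f"Chinese Wall: {trustee} already serves a competitor of {truster}")
        self.trust.add((truster, trustee))

    def assign_permission(self, role, perm_text):
        """A foreign permission may be attached only if its owner trusts the role's tenant."""
        op, obj, owner = parse_permission(perm_text)
        if not self.can_use(owner, self.role_tenant[role]):
            raise PermissionError(f"{owner} does not trust {self.role_tenant[role]}")
        self.role_perms[role].add((op, obj, owner))

    def _closure(self, role):
        """The role plus every role it transitively inherits from."""
        seen, stack = set(), [role]
        while stack:
            r = stack.pop()
            if r not in seen:
                seen.add(r)
                stack.extend(self.juniors[r])
        return seen

    def add_inheritance(self, senior, junior):
        """senior inherits junior: a foreign junior needs its tenant's trust, and no cycles."""
        if not self.can_use(self.role_tenant[junior], self.role_tenant[senior]):
            raise PermissionError(f"{self.role_tenant[junior]} does not trust {self.role_tenant[senior]}")
        if senior in self._closure(junior):  # junior already reaches senior: a cycle
            raise ValueError(f"cyclic role hierarchy: {senior} <-> {junior}")
        self.juniors[senior].add(junior)

    def assign_user(self, user, role):
        """Role-level SoD is checked on the inherited closure, so it spans tenants."""
        held = set().union(*(self._closure(r) for r in self.user_roles[user] | {role}))
        for pair in self.sod:
            if pair <= held:
                raise ValueError(f"SoD: {user} would hold both {sorted(pair)}")
        self.user_roles[user].add(role)

    def authorized(self, user, perm_text):
        perm = parse_permission(perm_text)
        return any(perm in self.role_perms[r]
                   for base in self.user_roles[user] for r in self._closure(base))


def attempt(fn, *args):
    """Run an administrative operation and report whether the model accepted it."""
    try:
        fn(*args)
        return "allowed"
    except (PermissionError, ValueError):
        return "refused"


def demo():
    """Case C1 of slide 5: Charlie, a developer in Dev.OS, needs Dev.E's source code."""
    m, out = MTRBAC(), {}
    m.role_tenant.update({"developer@Dev.OS": "Dev.OS", "employee@Dev.E": "Dev.E", "auditor@AF": "AF"})
    out["untrusted_assign"] = attempt(m.assign_permission, "developer@Dev.OS", "(read, /root/)%Dev.E")
    m.add_trust("Dev.E", "Dev.OS")  # tr = Dev.E, te = Dev.OS, as in the policy above
    m.assign_permission("developer@Dev.OS", "(read, /root/)%Dev.E")
    m.assign_user("Charlie", "developer@Dev.OS")
    out["charlie_read"] = m.authorized("Charlie", "(read, /root/)%Dev.E")
    out["charlie_write"] = m.authorized("Charlie", "(write, /root/)%Dev.E")
    m.add_inheritance("developer@Dev.OS", "employee@Dev.E")  # foreign junior role
    m.add_trust("Dev.OS", "Dev.E")
    out["cycle"] = attempt(m.add_inheritance, "employee@Dev.E", "developer@Dev.OS")
    m.sod.add(frozenset({"auditor@AF", "employee@Dev.E"}))  # cross-tenant role-level SoD
    out["sod"] = attempt(m.assign_user, "Charlie", "auditor@AF")
    m.conflict_classes.append({"Dev.E", "Dev.X"})  # constructed competitors
    m.add_trust("Dev.E", "AF")
    out["chinese_wall"] = attempt(m.add_trust, "Dev.X", "AF")
    return out
```

Running demo() shows the trust gate (the first assignment is refused, the same one after Dev.E trusts Dev.OS succeeds and Charlie gets read but not write), the cycle refusal once the hierarchy would loop through both tenants, the SoD refusal triggered through inheritance rather than a direct assignment, and the Chinese Wall refusal when a second competitor tries to trust the same auditor tenant. The Chinese Wall check is deliberately placed on add_trust rather than on access decisions, because in this model trust is the administrative act that shares infrastructure.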
![Page 16: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/16.jpg)
MTAaaS Platform Prototype
Experiment Settings
  o CloudStorage: an open source web-based cloud storage and sharing system.
  o Joyent, FlexCloud
Authorization Service
  o Centralized PDP
  o Distributed PEP
![Page 17: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/17.jpg)
Evaluation: Performance
- MT-RBAC vs RBAC: more policy references incur more decision time
- MT-RBAC2 introduces 16 ms overhead on average.
[Charts: PDP Performance; Client-End Performance]
![Page 18: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/18.jpg)
Evaluation: Scalability
Scalable by changing either
  o PDP capability; or
  o number of PEPs.
[Charts: PDP Scalability; PEP Scalability]
![Page 19: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/19.jpg)
OUTLINE
![Page 20: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/20.jpg)
Characteristics of Cloud
- Agility: collaboration and collaborators are temporary
- Centralized Facility: no need to use cryptographic certificates
- Homogeneity: same access control model in each tenant
- Out-Sourcing Trust: collaboration spirit
![Page 21: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/21.jpg)
Literature in Multi-org/dom
- RBAC: CBAC, GB-RBAC, ROBAC (e.g.: player transfer in NBA)
  o Require central authority managing collaborations
- Delegation Models: dRBAC and PBDM (e.g.: allowing subleasing)
  o Lack agility (which the cloud requires)
- Grids: CAS, VOMS, PERMIS
  o Absence of centralized facility and homogeneous architecture (which the cloud has)
![Page 22: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/22.jpg)
Literature (Contd.)
- Role-based Trust: RT, Traust, RMTN and RAMARS_TM
- Calero et al.: towards a multi-tenant authorization system for cloud services
  o Implementation-level PoC
  o Coarse-grained trust model
- MTAS: suits the cloud (out-sourcing trust)
Critical: trust model
![Page 23: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/23.jpg)
Role-Based Trust Model Comp.
![Page 24: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/24.jpg)
OUTLINE
![Page 25: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/25.jpg)
Conclusion
- Collaboration needs among cloud services
- MT-RBAC model family: formalization, administration, constraints
- MTAaaS architecture viable in the cloud: overhead ≈ 16 ms and scalable in the cloud
- Comparison of role-based trust models
![Page 26: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/26.jpg)
Future Work
- Cross-tenant trust models in cloud computing
- Other multi-tenant access control models: MT-ABAC, MT-RT, MT-PBAC and more.
- Implementation of MT-RBAC in the OpenStack API.
![Page 27: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/27.jpg)
Institute for Cyber Security
Q & A
![Page 28: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/28.jpg)
Institute for Cyber Security
Thank You!
![Page 29: A Multi-Tenant RBAC Model for Collaborative Cloud Services](https://reader031.vdocument.in/reader031/viewer/2022013004/56813655550346895d9dde4b/html5/thumbnails/29.jpg)
Multi-Tenant Authorization as a Service (MTAaaS)
[Diagram: MTAaaS provides Multi-Tenant Access Control and Cross-Tenant Access over the tenants' User IDs, Resource Catalogs and Authz Policies.]