Skip to main content

Self-adaptive Authorisation in OpenStack Cloud Platform

da Silva, Carlos Eduardo, Diniz, Thomas, Cacho, Nelio, de Lemos, Rogerio (2018) Self-adaptive Authorisation in OpenStack Cloud Platform. Journal of Internet Services and Applications, 9 (19). ISSN 1867-4828. E-ISSN 1869-0238. (doi:10.1186/s13174-018-0090-7) (KAR id:67437)

PDF Publisher pdf
Language: English


Download this file
(PDF/2MB)
[thumbnail of stack 10.1186%2Fs13174-018-0090-7.pdf]
Preview
Request a format suitable for use with assistive technology e.g. a screenreader
PDF Author's Accepted Manuscript
Language: English

Restricted to Repository staff only
Contact us about this Publication
[thumbnail of adaptive-authorisation-openstack.pdf]
Official URL:
http://dx.doi.org/10.1186/s13174-018-0090-7

Abstract

Although major advances have been made in protection of cloud platforms against malicious attacks, little has been done regarding the protection of these platforms against insider threats.

This paper looks into this challenge by introducing self-adaptation as a mechanism to handle insider threats in cloud platforms, and this will be demonstrated in the context of OpenStack.

OpenStack is a popular cloud platform that relies on Keystone, its identity management component, for controlling access to its resources.

The use of self-adaptation for handling insider threats has been motivated by the fact that self-adaptation has been shown to be quite effective in dealing with uncertainty in a wide range of applications.

Insider threats have become a major cause for concern since legitimate, though malicious, users might have access, in case of theft, to a large amount of information.

The key contribution of this paper is the definition of an architectural solution that incorporates self-adaptation into OpenStack Keystone in order to handle insider threats.

For that, we have identified and analysed several insider threats scenarios in the context of the OpenStack cloud platform, and have developed a prototype that was used for experimenting and evaluating the impact of these scenarios upon the self-adaptive authorisation system for the cloud platforms.

Item Type: Article
DOI/Identification number: 10.1186/s13174-018-0090-7
Uncontrolled keywords: Access Control, Cloud Computing, Insider Threats, OpenStack, Self-adaptive Systems
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, > QA76.76 Computer software
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Rogerio de Lemos
Date Deposited: 29 Jun 2018 10:23 UTC
Last Modified: 12 Jan 2024 03:57 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/67437 (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.