Journal: Concurrency and computation: practice and experience

Multi-tenancy authorization models for collaborative cloud services


Abstract

The cloud service model intrinsically caters to multiple tenants, most obviously not only in public clouds but also in private clouds for large organizations. Currently, most cloud service providers isolate user activities and data within a single tenant boundary with no or minimum cross-tenant interaction. It is anticipated that this situation will evolve soon to foster cross-tenant collaboration supported by Authorization as a Service. At present, there is no widely accepted model for cross-tenant authorization. Recently, Calero et al. informally presented a multi-tenancy authorization system (MTAS), which extends the well-known role-based access control model by building trust relations among collaborating tenants. In this paper, we formalize this MTAS model and propose extensions for finer-grained cross-tenant trust. We also develop an administration model for MTAS. We demonstrate the utility and practical feasibility of MTAS by means of an example policy specification in extensible access control markup language. To further test the metrics of the model, we develop a prototype system and conduct experiments on it. The result shows that the prototype has 12-ms policy decision overhead on average and is scalable. We anticipate that researchers will develop additional multi-tenant authorization models before eventual consolidation and convergence to standard industry practice.