Secure access control for multi-cloud resources

Privacy, security, and trust concerns are continuously hindering the growth of cloud computing despite its attractive features. To mitigate these concerns, an emerging approach targets the use of multi-cloud architectures to achieve portability and reduce cost. Multi-cloud architectures however suffer several challenges including inadequate cross-provider APIs, insufficient support from cloud service providers, and especially non-unified access control mechanisms. Consequently, the available multi-cloud proposals are unhandy or insecure. This paper proposes two contributions. At first, we survey existing cloud storage provider interfaces. Following, we propose a novel technique that deals with the challenges of connecting modern authentication standards and multiple cloud authorization methods.

[1]  Marko Vukolic,et al.  The byzantine empire in the intercloud , 2010, SIGA.

[2]  Xiaodong Liu,et al.  Critical Evaluation on jClouds and Cloudify Abstract APIs against EC2, Azure and HP-Cloud , 2014, 2014 IEEE 38th International Computer Software and Applications Conference Workshops.

[3]  Zahir Tari,et al.  Creating a 'Cloud Storage' Mashup for High Performance, Low Cost Content Delivery , 2008, ICSOC Workshops.

[4]  Miguel Correia,et al.  DepSky: Dependable and Secure Storage in a Cloud-of-Clouds , 2013, TOS.

[5]  Raouf Boutaba,et al.  Cloud computing: state-of-the-art and research challenges , 2010, Journal of Internet Services and Applications.

[6]  Brian Donnellan,et al.  Factors That Affect The Adoption Of Cloud Computing For An Enterprise: A Case Study Of Cloud Adoption Within Intel Corporation , 2013, ECIS.

[7]  Qing Tan,et al.  Federated Identity Access Broker Pattern for Cloud Computing , 2013, 2013 16th International Conference on Network-Based Information Systems.

[8]  Hakim Weatherspoon,et al.  RACS: a case for cloud storage diversity , 2010, SoCC '10.

[9]  Nikos Loutas,et al.  Cloud Computing Interoperability: The State of Play , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[10]  Alessandro Sorniotti,et al.  Reconciling End-to-End Confidentiality and Data Reduction In Cloud Storage , 2014, CCSW.

[11]  Christoph Meinel,et al.  Applying Erasure Codes for Fault Tolerance in Cloud-RAID , 2013, 2013 IEEE 16th International Conference on Computational Science and Engineering.

[12]  Yang Tang,et al.  NCCloud: A Network-Coding-Based Storage System in a Cloud-of-Clouds , 2014, IEEE Transactions on Computers.

[13]  Dana Petcu,et al.  Towards a Cross Platform Cloud API - Components for Cloud Federation , 2011, CLOSER.

[14]  James A. Thom,et al.  Cloud Computing Security: From Single to Multi-clouds , 2012, 2012 45th Hawaii International Conference on System Sciences.

[15]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[16]  David W. Chadwick,et al.  Adding Federated Identity Management to OpenStack , 2013, Journal of Grid Computing.

[17]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .