TY - GEN
T1 - Autonomous Decentralized Tenant Access Control Model for Sub-tenancy Architecture in Software-as-a-Service (SaaS)
AU - Zuo, Qiong
AU - Xie, Meiyi
AU - Tsai, Wei Tek
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2015/4/29
Y1 - 2015/4/29
N2 - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.
AB - Sub-Tenancy Architecture (STA), is an extension of Multi-Tenancy Architecture (MTA), allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure [1]. In a STA system, tenants are autonomous decentralized entities who can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or non-related tenants are more complicated than those between tenants in MTA. It is important to keep resource private, and at the same time, allow them to be shared, and support application customizations for tenants. This paper provides a formal definition of a new tenant-based access control model based on Administrative Role-Based Access Control (ARBAC) for STA in SaaS. Autonomous Areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Different resource sharing methods are given out to create and deploy the access control scheme in STA models.
KW - Multi-Tenancy Architecture (MTA)
KW - Rolebased Access Control (RBAC) Model
KW - Software-as-a-Service (SaaS)
KW - Sub-Tenancy Architecture (STA)
KW - Tenant-based Access Control Model
UR - http://www.scopus.com/inward/record.url?scp=84937231677&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84937231677&partnerID=8YFLogxK
U2 - 10.1109/ISADS.2015.47
DO - 10.1109/ISADS.2015.47
M3 - Conference contribution
AN - SCOPUS:84937231677
T3 - Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015
SP - 211
EP - 216
BT - Proceedings - 2015 IEEE 12th International Symposium on Autonomous Decentralized Systems, ISADS 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2015 12th IEEE International Symposium on Autonomous Decentralized Systems, ISADS 2015
Y2 - 25 March 2015 through 27 March 2015
ER -