Title: Semantic-based policy management for cloud computing environments

Authors: Hassan Takabi; James B.D. Joshi

Addresses: School of Information Sciences, University of Pittsburgh, 135 N. Bellefield Avenue, Pittsburgh, PA 15213, USA. ' School of Information Sciences, University of Pittsburgh, 135 N. Bellefield Avenue, Pittsburgh, PA 15213, USA

Abstract: Cloud computing environments do not allow use of a single access control mechanism, single policy language or single policy management tool for various cloud services. Currently, users must use diverse access control solutions available for each cloud service provider to secure their data. Access control policies may be composed in incompatible ways because of diverse policy languages that are maintained separately at every cloud service provider. Heterogeneity and distribution of these policies pose problems in their administration. The semantic web technologies can provide the solution to interoperability of heterogeneous cloud service providers. In this paper, we introduce a semantic-based policy management framework that is designed to give users a unified control point for managing policies that control access to their data no matter where the data is stored. We present the framework and describe its components. Furthermore, we present a proof of concept implementation and results of performance evaluation.

Keywords: access control; policy management; policy language; semantic web; policy management framework; semantic-based policy management; cloud computing; user centric; heterogeneity; interoperability; heterogeneous cloud services; cloud service providers; performance evaluation.

DOI: 10.1504/IJCC.2012.046717

International Journal of Cloud Computing, 2012 Vol.1 No.2/3, pp.119 - 144

Published online: 16 Aug 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article