Download PDFOpen PDF in browser

A authentication and access authorization mechanism on the PaaS platform

EasyChair Preprint 1380

8 pagesDate: August 9, 2019

Abstract

 With the development of cloud computing and Docker technology, the continuous delivery technology has matured. The PaaS platform system provides agile development and good scalability for multi-tenancy. At the same time, the security of the system becomes a key factor for the sustainable development of the system. PaaS can customize different identity authentication and access control for different tenant that uses different services. By comparing the research of identity authentication in the traditional environment, this paper analyzes the limitations and shortcomings of its use under the PaaS platform to multi-tenant and focuses on the characteristics of multi-tenant sharing service on PaaS platform. Firstly, the identity authentication is realized through the ticket authentication method. Then, based on the cloud computing environment and the resource dynamics under multi-tenancy, the timeliness of cloud resources and other factors, from the perspective of user service session access control, based on RABC and UCON model ,the user, authority, resources and control are proposed. The access control method described by the metadata is used to ensure the security of the user's access to the cloud resources in the PaaS environment. The paper elaborates on the security and usability of the key generation, distribution, update, and metadata access control processes. Practice shows that the PaaS environment based on the proposed unified authentication and metadata access control can effectively protect the dynamic access control and security isolation of different services for different tenants. At the same time, according to the built cloud resource access control model, cloud resource access control systems with permission separation, user attribute and cloud resource attribute constraints, lease time constraints, usage rate control can be flexibly constructed. 

Keyphrases: Authentication, Authorization, Metadata-Driven, PaaS

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:1380,
  author    = {Xu Shuangshuang and Zhu Hongliang},
  title     = {A authentication and access authorization mechanism on the PaaS platform},
  howpublished = {EasyChair Preprint 1380},
  year      = {EasyChair, 2019}}
Download PDFOpen PDF in browser