Optimizing Access Control Performance for the Cloud

Slim Trabelsi; Adrien Ecuyer; Paul Cervera Y Alvarez; Francesco Di Cerbo

doi:10.5220/0004854005510558

Optimizing Access Control Performance for the Cloud

Slim Trabelsi, Adrien Ecuyer, Paul Cervera Y Alvarez, Francesco Di Cerbo

2014

Abstract

Cloud computing is synonym for high performance computing. It offers a very scalable infrastructure for the deployment of an arbitrarily high number of systems and services and to manage them without impacts on their performance. As for traditional systems, also such a wide distributed infrastructure needs to fulfil basic security requirements, like to restrict access to its resources, thus requiring authorization and access control mechanisms. Cloud providers still rely on traditional authorization and access control systems, however in some critical cases such solutions can lead to performance issues. The more complex is the access control structure (many authorization levels, many users and resources to protect); the slower is the enforcement of access control policies. In this paper we present a performance study on these traditional access control mechanisms like XACML, which computes the overhead generated by the authorizations checking process in extreme usage conditions. Therefore, we propose a new approach to make access control systems more scalable and suitable for cloud computing high performance requirements. This approach is based on a high speed caching access control tree that accelerates the decision making process without impacting on the consistency of the rules. Finally, by comparing the performance test results obtained by our solution to a traditional XACML access control system, we demonstrate that the ACT in-memory approach is more suitable for Cloud infrastructures by offering a scalable and high speed AC solution.

Download

Paper Citation

in Harvard Style

Trabelsi S., Ecuyer A., Cervera Y Alvarez P. and Di Cerbo F. (2014). Optimizing Access Control Performance for the Cloud . In Proceedings of the 4th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-019-2, pages 551-558. DOI: 10.5220/0004854005510558

in Bibtex Style

@conference{closer14,
author={Slim Trabelsi and Adrien Ecuyer and Paul Cervera Y Alvarez and Francesco Di Cerbo},
title={Optimizing Access Control Performance for the Cloud},
booktitle={Proceedings of the 4th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2014},
pages={551-558},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004854005510558},
isbn={978-989-758-019-2},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 4th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Optimizing Access Control Performance for the Cloud
SN - 978-989-758-019-2
AU - Trabelsi S.
AU - Ecuyer A.
AU - Cervera Y Alvarez P.
AU - Di Cerbo F.
PY - 2014
SP - 551
EP - 558
DO - 10.5220/0004854005510558