Paper accepted at IFIPSEC 2017

Published: Jun 15, 2017
Tags:papers
The following paper has been accepted at the 32nd International Conference on ICT Systems Security and Privacy Protection (IFIPSEC 2017):
  • Title: Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud
  • Authors: Umberto Morelli and Silvio Ranise
  • Abstract: The heterogeneity of cloud computing platforms hinders the proper exploitation of cloud technologies since it prevents interoperability, promotes vendor lock-in and makes it very difficult to exploit the well-engineered security mechanisms made available by cloud providers. In this paper, we introduce a technique to help developers to specify and enforce access control policies in cloud applications. The main idea is twofold. First, use a high-level specification language with a formal semantics that allows to answer access requests abstracting from an access control mechanism available in a particular cloud platform. Second, exploit an automated translation mechanism to compute (equivalent) policies that can be enforced in two of the most widely used cloud platforms: AWS and Openstack. We illustrate the technique on a running example and report our experience with a prototype implementation.
  • DOI: 10.1007/978-3-319-58469-0_20

About the conference

  • Name: 32nd International Conference on ICT Systems Security and Privacy Protection (IFIPSEC 2017)
  • Date: from May 29, 2017 to May 31, 2017
  • Location: Rome, Italy
  • Website: https://ifipsec.org/2017/

Involved People

Morelli Umberto

Umberto Morelli

Ranise Silvio

Silvio Ranise