Publication


Featured research published by Juan M. Perez.


Future Generation Computer Systems | 2014

Semantic-aware multi-tenancy authorization system for cloud architectures

Jorge Bernal Bernabé; Juan M. Perez; Jose M. Alcaraz Calero; Félix J. García Clemente; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

Cloud computing is an emerging paradigm to offer on-demand IT services to customers. The access control to resources located in the cloud is one of the critical aspects to enable business to shift into the cloud. Some recent works provide access control models suitable for the cloud; however there are important shortages that need to be addressed in this field. This work presents a step forward in the state-of-the-art of access control for cloud computing. We describe a high expressive authorization model that enables the management of advanced features such as role-based access control (RBAC), hierarchical RBAC (hRBAC), conditional RBAC (cRBAC) and hierarchical objects (HO). The access control model takes advantage of the logic formalism provided by the Semantic Web technologies to describe both the underlying infrastructure and the authorization model, as well as the rules employed to protect the access to resources in the cloud. The access control model has been specially designed taking into account the multi-tenancy nature of this kind of environment. Moreover, a trust model that allows a fine-grained definition of what information is available for each particular tenant has been described. This enables the establishment of business alliances among cloud tenants resulting in federation and coalition agreements. The proposed model has been validated by means of a proof of concept implementation of the access control system for OpenStack with promising performance results.


Data and Knowledge Engineering | 2010

Editorial: Detection of semantic conflicts in ontology and rule-based information systems

Jose M. Alcaraz Calero; Juan M. Perez; Jorge Bernal Bernabé; Félix J. García Clemente; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

Nowadays, managers of information systems use ontologies and rules as a powerful tool to express the desired behaviour for the system. However, the use of rules may lead to conflicting situations where the antecedent of two or more rules is fulfilled, but their consequent is indicating contradictory facts or actions. These conflicts can be categorised in two different groups, modality and semantic conflicts, depending on whether the inconsistency is owing to the rule language expressiveness or due to the nature of the actions. While there exist certain proposals to detect and solve modality conflicts, the problem becomes more complex with semantic ones. Additionally, current techniques to detect semantic conflicts are usually not considering the use of standard information models. This paper provides a taxonomy of semantic conflicts, analyses the main features of each of them and provides an OWL/SWRL modelling for certain realistic scenarios related with information systems. It also describes different conflict detection techniques that can be applied to semantic conflicts and their pros and cons. Finally, this paper provides a comparison of these techniques based on performance measurements taken in a realistic scenario and suggests a better approach. This approach is then used in other scenarios related with information systems and where different types of semantic conflicts may appear.


Future Generation Computer Systems | 2011

Semantic-based authorization architecture for Grid

Juan M. Perez; Jorge Bernal Bernabé; Jose M. Alcaraz Calero; Félix J. García Clemente; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

There are a few issues that still need to be covered regarding security in the Grid area. One of them is authorization where there exist good solutions to define, manage and enforce authorization policies in Grid scenarios. However, these solutions usually do not provide Grid administrators with semantic-aware components closer to the particular Grid domain and easing different administration tasks such as conflict detection or resolution. This paper defines a proposal based on Semantic Web to define, manage and enforce security policies in a Grid scenario. These policies are defined by means of semantic-aware rules which help the administrator to create higher-level definitions with more expressiveness. These rules also permit performing added-value tasks such as conflict detection and resolution, which can be of interest in medium and large scale scenarios where different administrators define the authorization rules that should be followed before accessing a resource in the Grid. The proposed solution has been also tested providing some reasonable response times in the authorization decision process.


The Journal of Supercomputing | 2014

Taxonomy of trust relationships in authorization domains for cloud computing

Juan M. Perez; Jorge Bernal Bernabé; Jose M. Alcaraz Calero; Félix J. García Clemente; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

Cloud computing is revealing a new scenario where different cloud customers need to collaborate to meet client demands. The cloud stack must be able to support this situation by enabling collaborative agreements between cloud customers. However, these collaborations entail new security risks since participating entities should trust each other to share a set of resources. The management of trust relationships in the cloud is gaining importance as a key element to establish a secure environment where entities are given full control in the definition of which particular services or resources they are willing to share. Entities can cooperate at different levels of trust, according to their willingness of sharing information. This paper analyses these collaboration agreements defining a taxonomy of different levels of trust relationships among customers for the cloud. Privacy concerns, assumed risk, as well as easiness in the definition of the trust relationships have been taken into account. A set of different trust relationships have been identified and modeled, enabling entities to control the information they share with others in the cloud. The proposed model has been validated with a prototypical implementation. Likewise, some examples to illustrate the application of these trust models to common cloud collaboration scenarios are provided.


Computers & Security | 2013

Analyzing the security of Windows 7 and Linux for cloud computing

Khaled Salah; Jose M. Alcaraz Calero; Jorge Bernal Bernabé; Juan M. Perez; Sherali Zeadally

We review and analyze the major security features and concerns in deploying modern commodity operating systems such as Windows 7 and Linux 2.6.38 in a cloud computing environment. We identify the security weaknesses and open challenges of these two operating systems when deployed in the cloud environment. In particular, we examine and compare various operating system security features which are critical in providing a secure cloud. These security features include authentication, authorization and access control, physical memory protection, privacy and encryption of stored data, network access and firewalling capabilities, and virtual memory.


Journal of Network and Systems Management | 2011

Semantic Web-Based Management of Routing Configurations

Félix J. García Clemente; Jose M. Alcaraz Calero; Jorge Bernal Bernabé; Juan M. Perez; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

Today, network operators typically reason about network behaviour by observing the effects of a particular configuration in operation. This configuration process typically involves logging configuration changes and rolling back to a previous version when a problem arises. Advanced network operators (more each day) use policy-based routing languages to define the routing configuration and tools based on systematic verification techniques to ensure that operational behaviour is consistent with the intended behaviour. These tools help operators to reason about properties of routing protocols. However, these languages and tools work in low-level, i.e. they focus on properties, parameters, and elements of routing protocols. However, network operators receive high-level policies that must be refined to low level parameters before they can be applied. These high-level policies should consider other properties (e.g. extensibility or reasoning capabilities), parameters (e.g. time period, localization or QoS parameters), and elements (e.g. AAA individuals or resources), when the network configuration is defined. We believe that there is a need of broader approaches in languages and tools for defining routing configurations that are more powerful and integrated to other network elements. This article provides the main ideas behind the specification of routing policies using formal languages which enable the description of semantics. These semantics make easier the policy refinement process and allows describing an automated process for doing conflict detection on these policies.


International Conference on Emerging Security Information, Systems and Technologies | 2008

Towards the Definition of a Web Service Based Management Framework

Juan M. Perez; Jorge Bernal Bernabé; Daniel J. Martínez Manzano; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

The definition of advanced and distributed management frameworks is one of the key research issues that still need to be addressed in the network and service management research field. As part of this effort, the use of Web service technologies provides some advanced features such as improved interoperability and flexibility. This paper describes the main requirements and key components of a Web service-based management framework, how it works (at the level of the designed workflow) and how it has been mapped to a real management framework.


IEEE Transactions on Services Computing | 2017

SecRBAC: Secure data in the Clouds

Juan M. Perez; Gregorio Martínez Pérez; Antonio Fernandez Gomez-Skarmeta

Most current security solutions are based on perimeter security. However, Cloud computing breaks the organization perimeters. When data resides in the Cloud, they reside outside the organizational bounds. This leads users to a loss of control over their data and raises reasonable security concerns that slow down the adoption of Cloud computing. Is the Cloud service provider accessing the data? Is it legitimately applying the access control policy defined by the user? This paper presents a data-centric access control solution with enriched role-based expressiveness in which security is focused on protecting user data regardless of the Cloud service provider that holds it. Novel identity-based and proxy re-encryption techniques are used to protect the authorization model. Data is encrypted and authorization rules are cryptographically protected to preserve user data against the service provider access or misbehavior. The authorization model provides high expressiveness with role hierarchy and resource hierarchy support. The solution takes advantage of the logic formalism provided by Semantic Web technologies, which enables advanced rule management like semantic conflict detection. A proof of concept implementation has been developed and a working prototypical deployment of the proposal has been integrated within Google services.


Privacy Forum | 2015

Security and Privacy in Vehicular Communications with INTER-TRUST

Juan M. Perez; Antonio Moragón Juan; Jaime Arrazola Pérez; Javier Monge Rabadán; Antonio Gómez

Security systems in Intelligent Transport Systems (ITS) are woefully underprepared for the security threats in the modern landscape. However, the real potential for loss of life in the event of a successful attack makes these systems the more important to protect against such intrusions. In this paper, a new security framework that is the result of the INTER-TRUST European project will be presented and proposed as a solution that could solve most of ITS’s current security problems. The solution provides dynamic and adaptable security with a set of monitoring tools that also enable the adaptation of security to different contexts or situations that makes away with the need to recode the original applications. An overview on ITS security and how specific security features can be provided to ITS applications by deploying the INTER-TRUST framework is analyzed. A proof of concept implementation has been also developed during this research with some experimental results.


2009 Second International Conference on Dependability | 2009

Towards a Policy-Driven Framework for Managing Service Dependability

Jorge Bernal Bernabé; Juan M. Perez; Daniel J. Martínez Manzano; Manuel Gil Pérez; Antonio F. Gómez Skarmeta

Many critical activities rely on the correct and uninterrupted operation of networked Computer Information Systems (CIS). Such systems are however exposed to many different kinds of risk, and thus many researches have been taking place for enabling them to perform self monitoring and self healing to maintain their operation over time as specified by domain policies. This capability is often referred to as dependability. The DESEREC project has defined a tiered architecture as a policy based framework to increase the dependability of existing and new networked CIS, using technology-independent information which is translated at runtime to suit the managed components.
