Online collaboration service has become a popular offering of present day Software-as-a-Service (SaaS) clouds. It facilitates sharing of information among multiple participating domains and accessing them from remote locations. Owing to loosely-coupled nature of such collaborations, access request from a remote user is made in the form of a set of permissions. The cloud vendor maps the requested permissions into appropriate local roles in order to allow resource access. However, coexistence of such multiple simultaneous role activation requests may introduce conflicts which violate the principle of security. In this paper, we propose a distributed secure collaboration framework which enables collaborating domains to detect and remove these conflicts. Two features of our framework are: (i) it requires only local information, and (ii) it detects and removes conflicts on-the-fly. Formal proofs have been provided to establish the correctness of our approach. Experimental results and qualitative comparison with related work demonstrate the efficacy of our approach in terms of response time, thus addressing the scalability requirement of cloud services.
- Clouds,
- Web services,
- Access conflict,
- Collaboration services,
- Loosely coupled,
- Role hierarchy,
- Separation of duty,
- Software as a service (SaaS),
- Loosely-coupled
Available at: http://works.bepress.com/sajal-das/122/