Self-Adaptive Access Control & Delegation in Cloud Computing

Abstract

Organizations are opting to move their systems to the cloud at a fast pace. It is possible that all the organizations move their entire infrastructure to the cloud, since the cloud paradigm provides so many ways of doing so with ease, e.g., its services such as Infrastructure as a service, platform as a service and software as a service. Since this area is thriving, special focus needs to be put in this field as it opens so many unsolved problems. In our thesis, we identified one such case of Access Control & Delegation in context to Cloud Computing. There exist many frameworks and models that enable access control policies and delegation of access rights, but the problem of handling unprecedented changes/ requirements hasn’t been identified before. Unprecedented changes or requirements are defined as changes that haven’t been identified beforehand or at the time of requirements engineering. We took this problem as a problem statement of our thesis, and finally came up with a solution to address this problem with Self-Adaptive Systems (SAS). We used SAS to make a framework that runs in closed feedback loop, while continually monitoring and evaluating user risk score and environmental factors such time of usage and change in user’s location and adapting its behavior based on these changes to reflect a secure state of the system. It also handles unprecedented changes and enable access delegation in emergency cases temporarily.