Visible to the public An Ontological Framework for Determining the Repercussions of Retirement Actions Targeted at Complex Access Control Policies in Cloud Environments

Submitted by grigby1 on Wed, 09/12/2018 - 11:26am
TitleAn Ontological Framework for Determining the Repercussions of Retirement Actions Targeted at Complex Access Control Policies in Cloud Environments
Publication TypeConference Paper
Year of Publication2017
AuthorsVeloudis, Simeon, Paraskakis, Iraklis, Petsos, Christos
Conference NameCompanion Proceedings of the10th International Conference on Utility and Cloud Computing
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5195-9
Keywordscloud computing, deterrence, governance, Human Behavior, human factors, Ontologies, OWL 2, Policies, pubcrawl, resilience, Resiliency, Scalability, security
AbstractBy migrating their data and operations to the cloud, enterprises are able to gain significant benefits in terms of cost savings, increased availability, agility and productivity. Yet, the shared and on-demand nature of the cloud paradigm introduces a new breed of security threats that generally deter stakeholders from relinquishing control of their critical assets to third-party cloud providers. One way to thwart these threats is to instill suitable access control policies into cloud services that protect these assets. Nevertheless, the dynamic nature of cloud environments calls for policies that are able to incorporate a potentially complex body of contextual knowledge. This complexity is further amplified by the interplay that inevitably occurs between the different policies, as well as by the dynamically-evolving nature of an organisation's business and security needs. We argue that one way to tame this complexity is to devise a generic framework that facilitates the governance of policies. This paper presents a particular aspect of such a framework, namely an approach to determining the repercussions that policy retirement actions have on the overall protection of critical assets in the cloud.
URLhttp://doi.acm.org/10.1145/3147234.3148114
DOI10.1145/3147234.3148114
Citation Keyveloudis_ontological_2017-1
Groups: