A Policy-Based Management Framework for Cloud Computing Security

dc.contributor.authorRunsewe, Olubisi Atinuke
dc.description.abstractCloud Computing has changed how computing is done as applications and services are being consumed from the cloud. It has attracted a lot of attention in recent times due to the opportunities it offers. While Cloud Computing is economical, the security challenges it poses are quite significant and this has affected the adoption rate of the technology. With the potential vulnerabilities being introduced by moving data to the cloud, it has become imperative for cloud service providers to guarantee the security of information, leaving cloud service consumers (e.g., enterprises) with the task of negotiating the terms and conditions of services provided by the cloud service providers as well as trusting them with their data. Although various security solutions used for addressing the security of data within the enterprises are now being applied to the cloud, these security solutions are challenged due to the dynamic, distributed and complex nature of the cloud technology. This thesis proposes a novel Policy-Based Management (PBM) framework capable of achieving cross-tenant authorization, handling dynamic and anonymous users while reducing the security management task to address cloud security. The framework includes an access control model adapted to the cloud environment that adopts features from role-based, task-based and attribute-based access control frameworks for a fine-grained access control. We demonstrate how this framework can be applied to develop an access control system for an enterprise using cloud services. The framework verifies the correctness of access control policies for cloud security through reasoning technique.
dc.publisherUniversité d'Ottawa / University of Ottawa
dc.subjectPolicy-Based Management
dc.subjectCloud Computing Security
dc.subjectAccess Control
dc.subjectEnterprise Information Security
dc.titleA Policy-Based Management Framework for Cloud Computing Security
dc.faculty.departmentTechnologie des affaires électroniques / E-Business Technologies
dc.contributor.supervisorSamaan, Nancy
dc.degree.disciplineGénie / Engineering
thesis.degree.disciplineGénie / Engineering
uottawa.departmentTechnologie des affaires électroniques / E-Business Technologies
CollectionThèses, 2011 - // Theses, 2011 -

Runsewe_Olubisi_2014_thesis.pdfA Policy-Based Management Framework for Cloud Computing Security3.05 MBAdobe PDFOpen