Sciweavers

HOTNETS
2010

CloudPolice: taking access control out of the network

13 years 7 months ago
CloudPolice: taking access control out of the network
Cloud computing environments impose new challenges on access control techniques due to multi-tenancy, the growing scale and dynamicity of hosts within the cloud infrastructure, and the increasing diversity of cloud network architectures. The majority of existing access control techniques were originally designed for enterprise environments that do not share these challenges and, as such, are poorly suited for cloud environments. In this paper, we argue that it is both sufficient and advantageous to implement access control only within the hypervisors at the end-hosts. We thus propose CloudPolice, a system that implements a hypervisor-based access control mechanism. We argue that, not only can CloudPolice support more sophisticated access control policies, it can do so in a manner that is simpler, more scalable and more robust than existing network-based techniques.
Lucian Popa 0002, Minlan Yu, Steven Y. Ko, Sylvia
Added 17 May 2011
Updated 17 May 2011
Type Journal
Year 2010
Where HOTNETS
Authors Lucian Popa 0002, Minlan Yu, Steven Y. Ko, Sylvia Ratnasamy, Ion Stoica
Comments (0)