Towards a Semantic Based Policy Management Framework for Interoperable Cloud Environments
Hassan Takabi and James Joshi
April 19, 2012
ICA CON 2012
Laboratory of Education and Research in Security Assured Information Systems (LERSAIS), University of Pittsburgh, Pittsburgh, PA, USA
Rule and Rule Set
Basic policy rules:
◦ [Subject, Object, Action]
For multi provider environment:
◦ [Provider, Subject, Object, Action, Service]
◦ P states that S can perform A on O associated with Ser
Roles:
RoleA a sbpsl:Role
RoleB a sbpsl:Role
RoleC a sbpsl:Role
Subjects:
SubjectA a sbpsl:Subject hasRole RoleA isAssociatedWithProvider ProviderA
SubjectB a sbpsl:Subject hasRole RoleB isAssociatedWithProvider ProviderB
SubjectC a sbpsl:Subject hasRole RoleC isAssociatedWithProvider ProviderC
Actions:
Read a sbpsl:Action
Write a sbpsl:Action
Execute a sbpsl:Action
Provider:
ProviderA a sbpsl:Provider
ProviderB a sbpsl:Provider
ProviderC a sbpsl:Provider
Objects:
ObjectA a sbpsl:Object isAssociatedWithService ServiceA.1 isOwnedByProvider ProviderA
ObjectB a sbpsl:Object isAssociatedWithService ServiceB.1 isOwnedByProvider ProviderB
ObjectC a sbpsl:Object isAssociatedWithService ServiceC.1 isOwnedByProvider ProviderC
Service:
ServiceA.1 a sbpsl:Service offeredBy ProviderA
ServiceA.2 a sbpsl:Service offeredBy ProviderA
ServiceB.1 a sbpsl:Service offeredBy ProviderB
ServiceB.2 a sbpsl:Service offeredBy ProviderB
ServiceC.1 a sbpsl:Service offeredBy ProviderC
ServiceC.2 a sbpsl:Service offeredBy ProviderC
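The [Provider, Subject, Object, Action, Service] rule form applied to the instance data above, as an added Python example that is not part of the presentation. The rule set, the `rule_errors` consistency checks (the stating provider must own the object and offer the service) and the default-deny matching in `is_permitted` are assumptions made for illustration; roles are left out and rules match subjects directly.

```python
from typing import NamedTuple

class Rule(NamedTuple):  # [Provider, Subject, Object, Action, Service]
    provider: str
    subject: str
    obj: str
    action: str
    service: str

# Instance data transcribed from the slides.
SUBJECTS = {"SubjectA", "SubjectB", "SubjectC"}
ACTIONS = {"Read", "Write", "Execute"}
OBJECTS = {  # object -> (associated service, owning provider)
    "ObjectA": ("ServiceA.1", "ProviderA"),
    "ObjectB": ("ServiceB.1", "ProviderB"),
    "ObjectC": ("ServiceC.1", "ProviderC"),
}
SERVICE_PROVIDER = {  # service -> provider offering it
    "ServiceA.1": "ProviderA", "ServiceA.2": "ProviderA",
    "ServiceB.1": "ProviderB", "ServiceB.2": "ProviderB",
    "ServiceC.1": "ProviderC", "ServiceC.2": "ProviderC",
}

# Constructed rule set for illustration; the slides list no concrete rules.
RULES = [
    Rule("ProviderA", "SubjectA", "ObjectA", "Read", "ServiceA.1"),
    Rule("ProviderB", "SubjectA", "ObjectB", "Read", "ServiceB.1"),   # cross-provider grant
    Rule("ProviderA", "SubjectC", "ObjectB", "Write", "ServiceB.1"),  # ProviderA does not own ObjectB
]

def rule_errors(r):
    """Consistency problems for one rule; an empty list means well-formed."""
    svc, owner = OBJECTS.get(r.obj, (None, None))
    checks = [
        (r.subject in SUBJECTS, "unknown subject"),
        (r.action in ACTIONS, "unknown action"),
        (svc == r.service, "object not associated with service"),
        (owner == r.provider, "provider does not own object"),
        (SERVICE_PROVIDER.get(r.service) == r.provider, "service not offered by provider"),
    ]
    return [msg for ok, msg in checks if not ok]

def is_permitted(subject, obj, action, service):
    """Default deny: allow only when a well-formed rule matches the request."""
    request = (subject, obj, action, service)
    return any(r[1:] == request and not rule_errors(r) for r in RULES)
```

The third rule is ignored at decision time because a provider is stating access to an object it does not own, which is the kind of inconsistency a multi-provider rule set needs to be checked for before enforcement.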