Software-as-a-Service (SaaS) paradigm is one of the most popular forms of cloud services in today’s multi-tenant technological architecture. The role of multi-tenancy architecture is to offer services to its tenants with customized features of applications they need. Data isolation and resource sharing between multiple tenants in such architecture is more complicated task. Access control models takes accountability of the verification mechanism, the administration and the proper governance of the resources and related services. New architectural model is therefore required to maintain simple relation between the providers and multiple tenants in the system with a strong security feature. SaaS paradigm also needs an effective portability and orchestration mechanism over a virtualized infrastructure. To address these issues, we present a novel architecture called the E-RBAC (Enhanced- Role Based Access Control) model to enhance the security and access control over the services in the SaaS infrastructure by calculating the trust of the roles assigned. We also present a comparative analysis of SaaS provisioning with and without E-RBAC security model.

Cloud Computing, SaaS, Multi-Tenancy Architecture, RBAC

[1] A. Almutairi, M. Sarfraz, S. Basalamah, W. Aref, A. Ghafoor, “A distributed access control architecture for cloud computing,”. IEEE software, vol. 29(2), pp. 36-44, March 2012.
[2] X. Chen, W. Xu, W. Shen, “Trustworthiness-based dynamic access control for grid application,” Journal of Hunan University (Natural Sciences), vol. 35(7), pp. 859, July 2008.
[3] M. Srivatsa, A. Iyengar, T. Mikalsen, I. Rouvellou, and J. Yin, “An access control system for Web service compositions,” in Proc. IEEE International Conference on Web services, pp. 1-8, 2007.
[4] W. Wang, J. Han, M. Song, X. Wang, “The design of a trust and role based access control model in cloud computing,” In Pervasive Computing and Applications (ICPCA), 6th International Conference on IEEE, pp. 330-334, October 2011.
[5] Qiong Zuo, Meiyi Xie, Guanqiu Qi, Hong Zhu, “Tenant Based Access Control Model for Multi-tenancy and Sub-tenancy Architecture in Software-as-a-Service”, Frontiers of Computer Science, vol. 11(3), 2017.
[6] Masood R, Shibli M A, Ghazi Y, Kanwal A, Ali A. Cloud authorization: exploring techniques and approach towards effective access control framework. Frontiers of Computer Science, vol. 9(2), pp. 297–321, 2015.
[7] Li xia Xie, Chong Wang, “Multi domain Access Control Model Based on Role and Trust Degree”, Journal of Electrical and Computer Engineering, vol. 16,2016.
[8] Chaitali Uikey, D.S. Bhilari, “TrustRBAC: Trust Role Based Access Control Model in Multi-domain Cloud Environments”, International Conference on Information, Communication, Instrumentation and Control (ICICIC), 2017.
[9] L. Xia, J. Jing An administrative model for role-based access control using hierarchical namespace. Journal of Computer Research and Development, vol. 44(12), pp. 2020-2027, 2007,
[10] M. Lorch, S. Proctor, R. Lepro, D. Kafura, and S. Shah, “First experiences using XACML for access control in distributed systems,” in Proc. ACM workshop on XML security. ACM, pp. 25-37, 2003.
[11] C. Uikey, D. S. Bhilar, “Interaction Modelling using Trust and Recommendation in Cloud Computing Environment”. International Journal of Computer Applications. vol. 124(17), pp. 37-44, January 2015.
[12] M. Azarmi, B. K. Bhargava, P. Angin, R. Ranchal, N. Ahmed, A. Sinclair, M. Linderman, and L. B. Othmane, “An endto-end security auditing approach for service oriented architectures,” in Proc. IEEE Symposium on Reliable Distributed Systems, pp. 279-284, 2012.
[13] E. M. Ei, T. N. Thinn, The privacy-aware access control system using attribute-and role-based access control in private cloud. Proceedings of the 2011 4th IEEE IC-BNMT. pp. 447-451, 2011.
[14] T. Tavizi, M. Shajari, P. Dodangeh, A usage control based architecture for cloud environments. Parallel and Distributed Processing Symposium Workshops & Ph.D Forum (IPDPSW), 2012 IEEE 26th International. pp. 1534-1539, IEEE (2012)
[15] C. Jincui, J. Liqun “Role-based access control model of cloud computing,” Energy Procedia 13, pp. 1056-61, December 2011.
[16] Rohit Ranchal, Bharat Bhargava, Ruchith Fernando, Hui Lei and Zhongjun Jin, “Privacy Preserving Access Control in Service-Oriented Architecture”, IEEE International Conference on Web Services, 2016.
[17] Dr. P. Neelakantan, “A Study on E-Learning and Cloud Computing”, International Journal of Scientific Research in Computer Science, Engineering and Information Technology, Volume 3, Issue 1, ISSN : 2456-3307.
[18] Geetha.N and M.S.Anbarasi, “Enhanced Role Based Access Control System for Cloud Service Composition in Multi-Tenant Environment”, International Journal of Pure and Applied Mathematics, volume 118(11), pp. 349-355, 2018.
[19] R. Sood , R. Sharma, “Cloud Security Threats and Issues-A Review”, International Journal of Computer Sciences and Engineering, Volume-5, Issue-4, E-ISSN: 2347-2693.