计算机科学与应用

Vol.3 No.3 (June 2013)

基于租户的访问控制模型T-ARBAC
A Tenant-Based Access Control Model T-Arbac

 

作者:

曹 进 , 朱巧明 , 钱培德 :苏州大学计算机科学与技术学院

李培峰 :江苏省计算机信息处理技术重点实验室

 

关键词:

多租户访问控制T-ARBACMulti-Tenant Access Control T-ARBAC

 

摘要:

SaaS服务模式极大地降低了企业成本、提高了企业效率,同时也提高了企业的管理水平及加快了其创新步伐。但由于租户数据存储于服务提供商数据存储平台,如何保障租户的数据安全是一个无法回避的问题,并且平台用户数量巨大,如何有效地对用户进行管理也是一个值得探索的问题。本文结合基于角色的访问控制模型,设计出一个支持多租户、方便租户权限控制与管理的SaaS平台访问控制模型T-ARBAC (Tenant-Admin- istrative Role Based Access Control),满足了租户访问控制策略多样性与安全、独立访问共存数据的要求。

SaaS service model not only greatly reduces the cost of enterprises, improves business efficiency, but also improves the management level of enterprises and accelerates the pace of innovation. However, it is an unavoidable problem that how to protect data for tenants when the data stored in the SP (service provider) data storage platform. And as the big amount of users in the platform, we also have to take management of user into consideration. This paper designed a new access control model T-ARBAC (Tenant-Administrative Role Based Access Control), combined with role- based access control (RBAC) model, to support multi-tenant access control and facilitate the management of SaaS platform, meeting the requirements of diversity of tenant roles and independent access of coexisting data.

文章引用:

曹 进 , 李培峰 , 朱巧明 , 钱培德 (2013) 基于租户的访问控制模型T-ARBAC。 计算机科学与应用, 3, 173-179. doi: 10.12677/CSA.2013.33030

 

分享
Top