ENHANCING SECURITY IN MULTI-CLOUD ENVIRONMENTS THROUGH FEDERATED ACCESS CONTROL
Keywords:
Cloud Security, Federated Access Control, Identity And Access Management, Multi-Cloud, PrivacyAbstract
Managing and accessing resources across cloud service providers (CSPs) in today's dynamic cloud computing environment poses security challenges. This paper explores the domain of federated access control and its ability to seamlessly and securely navigate the intricacies of multi-cloud environments. It highlights the security issues, such as the need for compliance and governance, identity and access management challenges, and data security and privacy concerns. Additionally, it discusses how to implement federated access control practically and offers best practices for doing so. The paper's findings underscore the paramount importance of federated access control in preserving the balance between security and privacy while harnessing the vast potential of multiple CSPs.
References
S. Achar, Cloud Computing Security for Multi-Cloud Service Providers: Controls and Techniques in our Modern Threat Landscape, Zenodo, 2022.
R. K. Banyal, V. K. Jain and P. Jain, Dynamic trust-based access control framework for securing multi-cloud environment. Proc. 14th International conference on information and communication technology for competitive strategies, New York, NY, 2014, 29, 1-8.
S. S. Rupra and A. Omamo, A Cloud Computing Security Assessment Framework for Small and Medium Enterprises. Journal of Information Security, 2020, 11(04), 201–224.
V. N. S. S. Chimakurthi, The Challenge of Achieving Zero Trust Remote Access in Multi-Cloud Environment. ABC Journal of Advanced Research, 2020, 9(2), 89-102.
Y. Demchenko, C. Ngo, C. D. Laat and C. Lee, Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns. Proc. IEEE International Conference on Cloud Engineering, Boston, MA, 2014.
M. Colombo, R. Asal, Q. H. Hieu, F. A. El-Moussa, A. Sajjad and T. Dimitrakos, Data protection as a service in the multi-cloud environment. Proc. 12th IEEE International Conference on Cloud Computing (CLOUD), Milan, Italy, 2019, 81-85.
H. Graupner, K. Torkura, P. Berger, C. Meinel, & M. Schnjakin, Secure access control for multi-cloud resources. Proc. 40th IEEE Local Computer Networks Conference Workshops, Clearwater Beach, FL, 2015, 722-729.
J. Hong, T. Dreibholz, J. A. Schenkel, & J. A. Hu, An overview of multi-cloud computing, Web, Artificial Intelligence and Network Applications: Proc. 33rd Workshops of the International Conference on Advanced Information Networking and Applications, Matsue, Japan, 2019, 1055-1068.
M. Kazim, Dynamic collaboration and secure access to services in multi-cloud environments, University of Derby, United Kingdom, 2019.
K. Kritikos, T. Kirkham, B. Kryza and P. Massonet, Towards a security-enhanced PaaS platform for multi-cloud applications. Future Generation Computer Systems, 2017, 67, 206-226.
S. Pachala, C. Rupa and L. Sumalatha, An improved security and privacy management system for data in multi-cloud environments using a hybrid approach, Evolutionary Intelligence, 2021, 14, 1117-1133.
N. Pustchi, R. Krishnan and R. Sandhu, Authorization federation in its multi-cloud, Proc. 3rd International Workshop on Security in Cloud Computing, 2015, 63-71.
P. S. Pawar, A. Sajjad, T. Dimitrakos and D. W. Chadwick, Security-as-a-service in multi-cloud and federated cloud environments, Proc. 9th IFIP WG 11.11 International Conference, Hamburg, Germany, 2015, 251-261.
I. S. Sette, Access control in its multi-cloud heterogeneous environments, doctoral diss., Federal University of Pernambuco, Recife, Brazil, 2016
D. Saxena, K. S. Vaisla and M. S. Rauthan, Abstract model of trusted and secure middleware framework for multi-cloud environment, Proc, 2nd International Conference: Advanced Informatics for Computing Research, Shimla, India, 2019, 469-479.
M. Slawik, B. I. Zilci, Y. Demchenko, J. I. A. Baranda, R. Branchat, C. Loomis and C. Blanchet, CYCLONE unified deployment and management of federated, multi-cloud applications, Proc. 8th IEEE/ACM International Conference on Utility and Cloud Computing, Limassol, Cyprus, 2015, 453-457.
H. Witti, C. Ghedira-Guegan, E. Disson and K. Boukadi, Security governance in multi-cloud environment: a systematic mapping study, Proc. IEEE World Congress on Services, San Francisco, CA, 2016, 81-86.
