dc.contributor.advisor |
Dias G |
|
dc.contributor.author |
Jayawardhana PR |
|
dc.date.accessioned |
2019 |
|
dc.date.available |
2019 |
|
dc.date.issued |
2019 |
|
dc.identifier.citation |
Jayawardhana, P.R. (2019). Authorization for workloads in a dynamically scaling, heterogeneous system [Master’s theses, University of Moratuwa]. Institutional Repository University of Moratuwa. http://dl.lib.mrt.ac.lk/handle/123/15988 |
|
dc.identifier.uri |
http://dl.lib.mrt.ac.lk/handle/123/15988 |
|
dc.description.abstract |
which has contributed immensely in the growth of enterprise systems. This has
spread through concepts such as e-government, open banking, e-healthcare,
e-commerce concepts to digitalized organizations. Conventionally, systems ran
within the corporate infrastructure. In the past few years, organizations have been
moving to the cloud. Authentication and authorization work well in on-premises or
within a single cloud. But authentication and authorization in modern systems with
hybrid cloud and multi-cloud approaches where none of the parties individually
govern the perimeter of the system is still an open problem. The components serving
in one part of the system can be totally strange to the other party and is not aware of
the security privileges they have. On the other hand, enterprise systems cannot
compromise on information security, though they may want to have the advantages
of multi-cloud systems. While there have been several attempts done by the research
communities from Google, Docker, Dropbox etc. to provide a common identification
protocol across systems, authorization mechanisms still lacks attention. This research
provides a solution for authorization between multiple systems (on-premise and
cloud or multiple clouds) based on identification completed by the infrastructure. In
the provided solution, a central server assigns attested identity to each legitimate
workload, to identify them and apply authorization policies at resource access. The
resource servers reside behind an access control layer, which allows method
execution according to an administrator-defined policy that considers fine-grained
details such as the accessing resource, action to be performed and other context
details, in addition to the identity of the consumer and the resource. |
en_US |
dc.language.iso |
en |
en_US |
dc.subject |
COMPUTER SCIENCE AND ENGINEERING-Dissertations |
en_US |
dc.subject |
COMPUTER SCIENCE-Dissertations |
en_US |
dc.subject |
CLOUD COMPUTING |
en_US |
dc.subject |
AUTHORIZATION |
en_US |
dc.subject |
ACCESS CONTROL |
en_US |
dc.title |
Authorization for workloads in a dynamically scaling, heterogeneous system |
en_US |
dc.type |
Thesis-Full-text |
en_US |
dc.identifier.faculty |
Engineering |
en_US |
dc.identifier.degree |
MSc in Computer Science |
en_US |
dc.identifier.department |
Department of Computer Science & Engineering |
en_US |
dc.date.accept |
2019 |
|
dc.identifier.accno |
TH4072 |
en_US |