In a Cloud Computing Environment, access decisions need to be made based on context. The context includes the subject, the resource, the action, the environment, and the attributes of each of these. An access decision can only be made if the entitlements or permissions the subject holds can be obtained.
1.8.2 Goal or Desired Outcome
Entitlements or permissions of a subject during an access decision check can be obtained from a repository or service.
Entitlements or permissions for a subject are stored in a repository or can be obtained from an external service.
A Cloud User tries to access a Cloud Resource.
The Cloud Authorization Service tries to determine if the Cloud User has access to the Cloud Resource.
The Cloud Authorization Service needs the permissions or entitlements the Cloud User has. It asks a Cloud Entitlement Service for the permissions or entitlements the Cloud User has for the particular Cloud Resource, the particular action, and the environment (such as IP address, date and time, etc.).
The Cloud Entitlement Service returns a set of permissions. The Cloud Authorization Service does the access check based on the entitlements.
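The exchange described above, as an added example that is not part of the original use case: a minimal Cloud Entitlement Service that returns the permissions a subject holds for a resource after filtering them by environment attributes (source IP and time), and a Cloud Authorization Service that performs the access check on the returned set. The entitlement store, the subjects, resources, networks and timestamps are constructed sample data; the class and method names are assumptions for illustration. The authorization side is written to default to deny when the entitlement lookup fails or the environment is malformed, which is the caveat a practitioner should carry into any real implementation.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Entitlement:
    """One grant: a set of actions, optionally restricted by environment."""
    actions: frozenset
    allowed_networks: tuple = ()      # CIDR strings; empty means any source IP
    business_hours_only: bool = False  # Mon-Fri 09:00-17:00 local time


# Constructed sample entitlement store: (subject, resource) -> grants.
ENTITLEMENTS = {
    ("alice", "bucket:finance"): [
        Entitlement(actions=frozenset({"read", "write"}),
                    allowed_networks=("10.0.0.0/8",),
                    business_hours_only=True),
        Entitlement(actions=frozenset({"read"})),   # read from anywhere, any time
    ],
    ("bob", "bucket:finance"): [
        Entitlement(actions=frozenset({"read"}), allowed_networks=("10.0.0.0/8",)),
    ],
}


class CloudEntitlementService:
    """Answers: which actions does `subject` hold on `resource` in this environment?"""

    def __init__(self, store):
        self.store = store

    def get_permissions(self, subject, resource, environment):
        src = ip_address(environment["ip"])        # raises ValueError on garbage
        when = environment["datetime"]              # raises KeyError if absent
        granted = set()
        for ent in self.store.get((subject, resource), []):
            if ent.allowed_networks and not any(
                    src in ip_network(n) for n in ent.allowed_networks):
                continue
            if ent.business_hours_only and not (
                    when.weekday() < 5 and time(9) <= when.time() < time(17)):
                continue
            granted |= ent.actions
        return frozenset(granted)


class CloudAuthorizationService:
    """Makes the access decision from the entitlements the entitlement service returns."""

    def __init__(self, entitlement_service):
        self.entitlements = entitlement_service

    def is_authorized(self, subject, resource, action, environment):
        try:
            perms = self.entitlements.get_permissions(subject, resource, environment)
        except (KeyError, ValueError):
            return False          # malformed or missing context: fail closed
        return action in perms


AUTHZ = CloudAuthorizationService(CloudEntitlementService(ENTITLEMENTS))

# Constructed environments. 2024-03-05 is a Tuesday; 2024-03-09 is a Saturday.
ENV_OFFICE = {"ip": "10.1.2.3", "datetime": datetime(2024, 3, 5, 10, 30)}
ENV_REMOTE = {"ip": "203.0.113.9", "datetime": datetime(2024, 3, 5, 10, 30)}
ENV_WEEKEND = {"ip": "10.1.2.3", "datetime": datetime(2024, 3, 9, 10, 30)}
ENV_BAD_IP = {"ip": "not-an-ip", "datetime": datetime(2024, 3, 5, 10, 30)}

if __name__ == "__main__":
    for who, act, env in [("alice", "write", ENV_OFFICE), ("alice", "write", ENV_REMOTE),
                          ("alice", "read", ENV_REMOTE), ("alice", "write", ENV_WEEKEND),
                          ("bob", "read", ENV_OFFICE), ("bob", "write", ENV_OFFICE)]:
        print(who, act, AUTHZ.is_authorized(who, "bucket:finance", act, env))
```

Note that the environment filter lives in the entitlement service, so the authorization service only ever sees the subset of permissions that is valid in the current context; if the two services are split across a network, the environment attributes (IP, time) become part of the request and must themselves be trusted or verified.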
When designing a policy within a federated authorization system, the policy designer places a high degree of the overall system's integrity in the "quality" of the attributes used in a given policy decision. The active exchange of attributes and data between relying parties in distributed cloud / federated authorization systems makes it hard to design policies that allow for the varying levels of controls and assurance placed around attribute management lifecycle controls. This user story introduces the use of a "reliability index" to help providers and consumers define, model and understand an integrity rating for a given attribute, set of attributes or attribute provider. By employing a reliability index for the attribute provider and for the specific attributes it provides, the policy designer is able to create more meaningful access policies: policies that reflect the dependencies, reliability and overall risks inherent in the authorization system as a whole.
1.9.2 Goal or Desired Outcome
The policy author is able to define a policy that allows for the real-time assessment of the reliability of an attribute provider or the individual reliability for any attribute it provides. This allows for varying levels of access control policy to be applied dependent on the value of the reliability index retrieved for the provider and/or its attributes. When reliability is low, the policy author defines more approval/controls and less access for the same decision matrix, applied to the same set of identity attributes. This should allow for better decisions to be made.
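One way to express such a policy, as an added example that is not part of the original user story: each attribute carries the identity of the provider that asserted it; a reliability index is looked up per attribute, falling back to the provider-level index; and the same decision matrix (department == finance may read the ledger) is applied at three assurance tiers, with the outcome tightening to "permit with approval" and then "deny" as the index drops. The reliability tables, provider names, thresholds and attribute values are constructed for illustration and stand in for the real-time assessment the story calls for; a deployment would fetch them from a service rather than a dictionary.

```python
from dataclasses import dataclass

# Constructed reliability indexes on a 0.0 (unverified) to 1.0 (strongly assured) scale.
# Provider-level index applies to any attribute the provider asserts unless an
# attribute-specific index overrides it.
PROVIDER_RELIABILITY = {"hr-idp": 0.9, "partner-idp": 0.5, "self-asserted": 0.1}
ATTRIBUTE_RELIABILITY = {
    ("hr-idp", "department"): 0.95,
    ("hr-idp", "clearance"): 0.80,
    ("partner-idp", "department"): 0.40,
    ("self-asserted", "department"): 0.10,
}

# Policy thresholds (assumed): at or above PERMIT the policy grants outright,
# between APPROVAL and PERMIT it grants only with an extra control, below APPROVAL it denies.
PERMIT_FLOOR = 0.8
APPROVAL_FLOOR = 0.4


@dataclass(frozen=True)
class Attribute:
    name: str
    value: str
    provider: str      # who asserted this attribute


@dataclass(frozen=True)
class Decision:
    effect: str        # "permit", "permit-with-approval" or "deny"
    reason: str


def reliability(attr):
    """Attribute-specific index if defined, else the provider's index, else 0 (unknown provider)."""
    return ATTRIBUTE_RELIABILITY.get(
        (attr.provider, attr.name),
        PROVIDER_RELIABILITY.get(attr.provider, 0.0))


def evaluate_finance_read(attrs):
    """Decision matrix: subjects whose department is 'finance' may read the ledger.
    The attribute the decision hinges on is rated, and the rating selects the tier."""
    dept = next((a for a in attrs if a.name == "department"), None)
    if dept is None or dept.value != "finance":
        return Decision("deny", "no 'department=finance' attribute presented")
    r = reliability(dept)
    if r >= PERMIT_FLOOR:
        return Decision("permit",
                        f"department asserted by {dept.provider} (reliability {r:.2f})")
    if r >= APPROVAL_FLOOR:
        return Decision("permit-with-approval",
                        f"department asserted by {dept.provider} (reliability {r:.2f}); "
                        f"manager approval required before access")
    return Decision("deny",
                    f"department asserted by {dept.provider} (reliability {r:.2f}) "
                    f"is below the policy floor {APPROVAL_FLOOR}")


if __name__ == "__main__":
    for provider in ("hr-idp", "partner-idp", "self-asserted", "unknown-idp"):
        d = evaluate_finance_read([Attribute("department", "finance", provider)])
        print(f"{provider:14s} -> {d.effect:22s} {d.reason}")
```

The point of the structure is that the policy logic (department == finance) is written once; only the assurance tier changes with the index, which is what lets the same policy be reused across providers of differing quality without silently treating a self-asserted claim the same as one from the authoritative HR system.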