Cloud Authorization Use Cases Version 0 Committee Note 01 19 November 2014


Use case 7: Administrate distributed access control policies



Download 466 Kb.
Page8/11
Date29.11.2017
Size466 Kb.
1   2   3   4   5   6   7   8   9   10   11

1.14Use case 7: Administrate distributed access control policies

1.14.1Description/User Story

Large corporations are usually composed of a central office and multiple subsidiaries. We may consider that the central office and each of its subsidiaries independently implement an authorization architecture with their own access policies to manage their resources.

The central office will need to have an appropriate management over the access control policies of the subsidiaries, in order to establish, for instance, a set of common policies for all subsidiaries (depending for example on some mandatory corporate regulations) or to assign specific policies to each one (depending for example on the type of service they provide), but at the same time allowing that each subsidiary implement its own policies.


1.14.2Goal or Desired Outcome


An administrative domain could manage policies in other administrative domains in a controlled way.

1.14.3Categories Covered


  • Account and Attribute management.

  • Policies Management

  • Authorization

1.14.4Applicable Deployment and Service Models


  • All Cloud Deployment Models (Private, Public, Community and Hybrid).

  • All Service Models (SaaS, PaaS and IaaS).

1.14.5Actors


  • Policies Administrator

1.14.6Systems


N/A

1.14.7Notable Services

1.14.8Dependencies

This use case may depend on Use Case 1.

1.14.9Assumptions


An administrative domain has the appropriate privileges to write authorization policies in other administrative domains.

1.14.10Process Flow


A Policies Administrator belonging to a given administrative domain wants to spread access control policies to other administrative domains in order to be enforced by them.

1.15Use case 8: Authorization audit

1.15.1Description/User Story


Cloud Authorization Services perform access control decision on sensitive data. There is a need to log and audit the output and details of the authorization decision performed to trace the relevant events happened in the system.

1.15.2Goal or Desired Outcome


Trace the relevant events happened in the system. Cloud User or entities cannot deny having performed an operation or initiated a transaction.

1.15.3Categories Covered


  • Audit and Compliance

1.15.4Applicable Deployment and Service Models


  • All Cloud Deployment Models (Private, Public, Community and Hybrid).

  • All Service Models (SaaS, PaaS and IaaS).

1.15.5Actors

1.15.6Systems


N/A

1.15.7Notable Services

1.15.8Dependencies

N/A

1.15.9Assumptions


N/A

1.15.10Process Flow


A Cloud Authorization Service evaluates some authorization policies to resolve an authorization query. The query, the decision and other relevant details of the evaluation are stored in logs files in either an internal or external service. Additionally, the logs are signed to provide non-repudiation capabilities.

1.16Use case 9: Risk based access control systems

1.16.1Description/User Story


Traditional access control systems assume uniformity of people, components, environments, conditions, etc. across the scenario and time. They tend to define its behavior based on static policies. However, when moving to the cloud, they should consider multiple factors to determine the security risk and operational need of each access decision.

Cloud Authorization services may determine access based on a computation of security risk and operational need, not just proper comparison of attributes. In other words, for each Risk Level and kind of resource, a set of specific counter-measures to protect the resource has to be triggered. Moreover, this risk level could vary during the time, so they should adapt to different situation.


1.16.2Goal or Desired Outcome


Define and adapt enterprise policies for establishing thresholds for security risk and operational need under various conditions

1.16.3Categories Covered


  • Policies Management

1.16.4Applicable Deployment and Service Models

  • All Cloud Deployment Models (Private, Public, Community and Hybrid).


  • All Service Models (SaaS, PaaS and IaaS).

1.16.5Actors


  • Cloud User

  • Cloud Resource

  • Policy Decision Point

1.16.6Systems


N/A

1.16.7Notable Services


  • Risk Level Administrator Service

1.16.8Dependencies


N/A

1.16.9Assumptions


The authorization policies could be defined based on security risk levels.

1.16.10Process Flow


A Cloud User wants to perform an operation over a Cloud Resource. To determine if the Cloud User is able to do it, an authorization decision is achieved based on the level of risk of the operation on this resource at that specific moment.

1.17Use case 10: Policies to determine administration privileges

1.17.1Description/User Story


An administrator of authorization systems usually specifies the access privileges by defining access control policies. Administrative policies are necessary to control the administrators/special-users who modify the access control policies. This is especially relevant in scenarios where administrator could define policies outside its domain, for instance in distributed systems.

1.17.2Goal or Desired Outcome


Policies to determine administration privileges are evaluated before the administrator could modify the access control policies.

1.17.3Categories Covered


  • Authorization

  • Policies Management

  • Account and Attribute Management

1.17.4Applicable Deployment and Service Models

  • All Cloud Deployment Models (Private, Public, Community and Hybrid).


  • All Service Models (SaaS, PaaS and IaaS).

1.17.5Actors


  • Policies administrator

  • Policy Decision Point

1.17.6Systems


N/A

1.17.7Notable Services


  • Cloud Policy Administration Service

1.17.8Dependencies


N/A

1.17.9Assumptions


N/A

1.17.10Process Flow


A Policy Administrator tries to change some policies either in an internal or external administrative domain. To determine if the administrator is able to change these policies, a Policy Decision Point firstly evaluates the administrative-policies, which determine the privileges of the administrators.



Share with your friends:
1   2   3   4   5   6   7   8   9   10   11


The database is protected by copyright ©hestories.info 2019
send message

    Main page