Access control in a distributed micro-cloud environment

• URL: http://arxiv.org/abs/2410.20278v1
• Date: Sat, 26 Oct 2024 21:09:09 GMT
• Title: Access control in a distributed micro-cloud environment
• Authors: Tamara Ranković, Miloš Simić, Milan Stojkov, Goran Sladić,
• Abstract summary: Attribute-Based Access Control models come at the cost of high policy management complexity. We propose an ABAC model that incorporates user and object hierarchies. We develop a policy engine that supports the model and present a distributed cloud use case.
• Score: 0.0
• License:
• Abstract: Proliferation of systems that generate enormous amounts of data and operate in real time has led researchers to rethink the current organization of the cloud. Many proposed solutions consist of a number of small data centers in the vicinity of data sources. That creates a highly complex environment, where strict access control is essential. Recommended access control models frequently belong to the Attribute-Based Access Control (ABAC) family. Flexibility and dynamic nature of these models come at the cost of high policy management complexity. In this paper, we explore whether the administrative overhead can be lowered with resource hierarchies. We propose an ABAC model that incorporates user and object hierarchies. We develop a policy engine that supports the model and present a distributed cloud use case. Findings in this paper suggest that resource hierarchies simplify the administration of ABAC models, which is a necessary step towards their further inclusion in real-world systems.

Related papers

• Multi-Stream Cellular Test-Time Adaptation of Real-Time Models Evolving in Dynamic Environments [53.79708667153109]
  Smart objects, notably autonomous vehicles, face challenges in critical local computations due to limited resources. We propose a novel Multi-Stream Cellular Test-Time Adaptation setup where models adapt on the fly to a dynamic environment divided into cells. We validate our methodology in the context of autonomous vehicles navigating across cells defined based on location and weather conditions.
  arXiv  Detail & Related papers  (2024-04-27T15:00:57Z)
• CUDC: A Curiosity-Driven Unsupervised Data Collection Method with Adaptive Temporal Distances for Offline Reinforcement Learning [62.58375643251612]
  We propose a Curiosity-driven Unsupervised Data Collection (CUDC) method to expand feature space using adaptive temporal distances for task-agnostic data collection. With this adaptive reachability mechanism in place, the feature representation can be diversified, and the agent can navigate itself to collect higher-quality data with curiosity. Empirically, CUDC surpasses existing unsupervised methods in efficiency and learning performance in various downstream offline RL tasks of the DeepMind control suite.
  arXiv  Detail & Related papers  (2023-12-19T14:26:23Z)
• Serving Deep Learning Model in Relational Databases [70.53282490832189]
  Serving deep learning (DL) models on relational data has become a critical requirement across diverse commercial and scientific domains. We highlight three pivotal paradigms: The state-of-the-art DL-centric architecture offloads DL computations to dedicated DL frameworks. The potential UDF-centric architecture encapsulates one or more tensor computations into User Defined Functions (UDFs) within the relational database management system (RDBMS)
  arXiv  Detail & Related papers  (2023-10-07T06:01:35Z)
• Predicting Resource Consumption of Kubernetes Container Systems using Resource Models [3.138731415322007]
  This paper considers how to derive resource models for cloud systems empirically. We do so based on models of deployed services in a formal language with explicit adherence to CPU and memory resources. We report on leveraging data collected empirically from small deployments to simulate the execution of higher intensity scenarios on larger deployments.
  arXiv  Detail & Related papers  (2023-05-12T17:59:01Z)
• Sparsity-Aware Intelligent Massive Random Access Control in Open RAN: A Reinforcement Learning Based Approach [61.74489383629319]
  Massive random access of devices in the emerging Open Radio Access Network (O-RAN) brings great challenge to the access control and management. reinforcement-learning (RL)-assisted scheme of closed-loop access control is proposed to preserve sparsity of access requests. Deep-RL-assisted SAUD is proposed to resolve highly complex environments with continuous and high-dimensional state and action spaces.
  arXiv  Detail & Related papers  (2023-03-05T12:25:49Z)
• Distributed-Training-and-Execution Multi-Agent Reinforcement Learning for Power Control in HetNet [48.96004919910818]
  We propose a multi-agent deep reinforcement learning (MADRL) based power control scheme for the HetNet. To promote cooperation among agents, we develop a penalty-based Q learning (PQL) algorithm for MADRL systems. In this way, an agent's policy can be learned by other agents more easily, resulting in a more efficient collaboration process.
  arXiv  Detail & Related papers  (2022-12-15T17:01:56Z)
• Toward Deep Learning Based Access Control [3.2511618464944547]
  This paper proposes Deep Learning Based Access Control (DLBAC) by leveraging significant advances in deep learning technology. DLBAC could complement and, in the long-term, has the potential to even replace, classical access control models with a neural network. We demonstrate the feasibility of the proposed approach by addressing issues related to accuracy, generalization, and explainability.
  arXiv  Detail & Related papers  (2022-03-28T22:05:11Z)
• Adaptive ABAC Policy Learning: A Reinforcement Learning Approach [2.5997274006052544]
  We propose an adaptive ABAC policy learning approach to automate the authorization management task. In particular, we propose a contextual bandit system, in which an authorization engine adapts an ABAC model through a feedback control loop. We focus on developing an adaptive ABAC policy learning model for a home IoT environment as a running example.
  arXiv  Detail & Related papers  (2021-05-18T15:18:02Z)
• Decentralized Control with Graph Neural Networks [147.84766857793247]
  We propose a novel framework using graph neural networks (GNNs) to learn decentralized controllers. GNNs are well-suited for the task since they are naturally distributed architectures and exhibit good scalability and transferability properties. The problems of flocking and multi-agent path planning are explored to illustrate the potential of GNNs in learning decentralized controllers.
  arXiv  Detail & Related papers  (2020-12-29T18:59:14Z)
• An Automatic Attribute Based Access Control Policy Extraction from Access Logs [5.142415132534397]
  An attribute-based access control (ABAC) model provides a more flexible approach for addressing the authorization needs of complex and dynamic systems. We present a methodology for automatically learning ABAC policy rules from access logs of a system to simplify the policy development process.
  arXiv  Detail & Related papers  (2020-03-16T15:08:54Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.