English

Abstract

Cloud computing is synonym of high performance computing. It offers a very scalable infrastructure to deploy a huge number of systems and services without any impact of the performance. Such a wide distributed infrastructure, as for the traditional systems, requires authorization and access control mechanisms to ensure the basic security requirements to restrict the access to resources. To satisfy these requirements cloud providers still rely on the traditional authorization and access control systems that in some critical cases can generate performance issues. More the access control structure is complex (many authorization levels, many users and resources to protect), more the enforcement of the access control policies is slow. In this paper we propose a performance study for these traditional access control mechanisms demonstrating the overhead generated by the authorizations checking that can appear in extreme usage conditions. We propose a new approach to make access control systems more scalable and adapted to cloud computing high performance requirements. This approach is based on a high speed caching access control tree that accelerates the decision without impacting on the consistency of the rules. We compare the performance test results obtained by our solution to a traditional Access control system deployed in the cloud.