Abstract

SaaS (Software as a Service) deliver software as a service over the Internet, eliminating the need to install and run the application on the customers' own computers and simplifying maintenance and support. Access control is an important information security mechanism, according to user identity and the attribution of a predefined group of users to restrict access to certain information items, and limit the use of certain functions. In view of the features of multi-tenant, if we apply existing access control methods to SaaS systems directly, the following problems will appear: (1) role name conflicts (2) cross-level management (3) the isomerism of tenants' access control. This paper propose the S-RBAC model which can be applied to SaaS systems, this model extends from the RBAC model and ARBAC97 model, it uses layered structures to achieve system-level and tenant-level access control, solves the SaaS system access control problems. And we put forward a way to implement the access control module for SaaS systems based on S-RBAC model.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.