Abstract
Abstract Cloud computing has drawn much attention in recent years. One of its service models, called infrastructure as a service (IaaS), provides users with infrastructure services such as computation and data storage, heavily dependent upon virtualization techniques. Most of the current IaaS providers take the user-resource direct mapping approach for their business, where individual users are the only type of service consumer who can request and use virtualized resources as long as they pay for the usage. Therefore, in this approach, the users and virtual resources are centrally managed at the IaaS providers. However, this also results in the lack of support for scalable authorization management of users and resources, organization-level policy support, and flexible pricing for business users. Considering the increasing popularity and growing user base of cloud computing, there is a strong need for a more flexible IaaS model with a finer grained access control mechanism than the aforementioned all-or-nothing approach. In this paper we propose a domain-based, decentralized framework for provisioning and managing users and virtualized resources in IaaS. Specifically, an additional layer called domain is introduced to the user-resource direct mapping scheme, whereby de-centralization of user and resource management is facilitated. Our framework also allows the IaaS service provider to delegate its administrative routines to domains so that each domain is able to manage its users and virtualized resources allocated by the IaaS provider. Our domain-based approach offers benefits such as scalable user/resource management, domain-based security and governance policy support, and flexible pricing.
Highlights
This article is an expanded version of the paper “Domain-based Virtualized Resource Management in Cloud Computing” which appeared in the Proceedings of 5th International Workshop on Trusted Collaboration (TrustCol 2010).Cloud computing is a new type of computing, which enables convenient, on-demand access to computing resources
The computation and storage resource component is concerned with the service model called Infrastructure as a Service (IaaS), the cloud software development platform component pertains to another service model called Platform as a Service (PaaS), and the cloud software application component is related to the service model called Software as a Service (SaaS)
The security architecture we propose based on our framework is slightly modified from a traditional XML-based security architecture with multiple points associated with access control policy storage, administration, decision, and enforcement
Summary
This article is an expanded version of the paper “Domain-based Virtualized Resource Management in Cloud Computing” which appeared in the Proceedings of 5th International Workshop on Trusted Collaboration (TrustCol 2010).Cloud computing is a new type of computing, which enables convenient, on-demand access to computing resources. The computation and storage resource component is concerned with the service model called Infrastructure as a Service (IaaS), the cloud software development platform component pertains to another service model called Platform as a Service (PaaS), and the cloud software application component is related to the service model called Software as a Service (SaaS) Their differences are as follows; first, in the SaaS model, the cloud consumer can use the cloud provider’s applications running on a cloud infrastructure which are accessible through a client interface such as a web browser. Some of the examples of this type include Google App Engine and Windows Azure [10, 29]; and, lastly in the IaaS model, the provider provisions processing, storage, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software. The successful implementation of cloud infrastructure requires that both foundational and applied components work together seamlessly
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
