Use Case 2: Multi-Tenancy and Access Control

Partner: GRNET
Overview
A tenant, that is, a team of collaborators working on shared infrastructure resources, needs to acquire resources from a cloud provider and to perform authorised actions on them. GRNET is motivated to implement a mechanism to support such functions as tenant creation and modification, resource requesting and granting and policy definition and enforcement for actions on resources. All these must be implemented in a way that resource allocation is not cumbersome. It is also necessary that enforcing policies of permitted actions on each resource should be efficient and unobtrusive. Moreover, data confidentiality should be guaranteed even in the case where attackers (including malicious users) are able to bypass access control mechanisms and access directly the data stored in the cloud. In case that data-at-rest encryption is applied, the challenge is to support file-sharing capabilities on the encrypted data across multiple users/tenants.

Business Context
The ~okeanos Infrastructure as a Service provided by GRNET offers file sharing capabilities, but these are achieved by simply granting access permissions to specific users that collaborate. Therefore, resource sharing is limited to projects, with users as members. Meanwhile, there is currently no provision for end-to-end or data-at-rest encryption in the cloud service. GRNET wishes to explore such solutions for the next generation of its cloud services.

Technology Context
The solution currently adopted by GRNET for access control in a multi-tenancy environment is based on the notion of projects, through which resources are allocated to users. The Synnefo cloud management software developed by GRNET enforces resource isolation. However, this leaves open the possibility that attackers could bypass the Synnefo access control mechanism. The problem could be mitigated by leveraging encryption, guaranteeing confidentiality of data-at-rest, with sharing capabilities among different tenants.

Expected Outcomes and Contribution of TREDISEC
GRNET would like to achieve stronger data isolation to enforce the access control against unauthorized physical data access in the cloud scenario. As with Use Case 1, GRNET expects to combine its own engineering strengths with the research excellence of the TREDISEC partners so that novel encryption in multi-tenancy solutions can be brought into a production environment.