Access control policies enforcement in a cloud environment: Openstack

Cloud computing has become a widely used paradigm in many IT domains such as e-health. It offers several advantages to the users, e.g. elasticity, flexibility and the rapid sharing of a huge set of digital data. However, many security and privacy concerns still pose significant challenges. In particular, the most identified problem is how to enforce the user´s security policy in the access control of the outsourced data. In fact, cloud environments does not provide facilities to support high level defined security policies. For instance, the swift storage component of openstack supports only fine grained access control to execute a specific action on a specific defined object. In this paper, we designed and implemented a middleware to provide high level security policies while using such swift fine grained primitives. An e-health collaborative application dedicated for remote diagnosis is used to illustrate the suggested approach.