Abstract
Nowadays, a majority of cyber-attacks are associated with insider threats owing to improper privilege management. Though a number of access control mechanisms have been proposed, insider threats are continuously increasing. In the cloud, however, the physical machines of datacenters are still exposed to danger. Without trusted hosts as the foundation, any further measurements for virtual machines are in vain. In this paper, we introduce Simau: a mechanism that constrains the privileges of root on each host in the cloud. It deploys a decision engine in user-space to support variable security policies. The scope of Simau covers both kernel-space and user-space. Under Simau, once a system administrator logs into a host, he has only the least privileges needed to finish his missions, and all his requests for privileged operations are determined by Simau. Finally, the experiments show good performance of our mechanism.
Cite
Wang, L., Zhu, M., Li, Q., & Tu, B. (2018). Simau: A dynamic privilege management mechanism for host in cloud datacenters. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11149 LNCS, pp. 721–731). Springer Verlag. https://doi.org/10.1007/978-3-030-01950-1_43