Access Control-Based Assured Information Sharing in the Cloud

The advent of cloud computing and the continuing movement toward software as a service paradigms have posed an increasing need for assured information sharing as a service in the cloud. The cloud computing paradigm enables the sharing of large amounts of data securely and efficiently. The design of CAISS++ is based on a novel combination of a web ontology language (OWL) based policy engine with a resource description framework (RDF) processing engine. The users of CAISS++ can use a language of their choice (e.g., XACML, RDF, and Rei) to specify their information sharing policies. These policies will be translated into a suitable sublanguage of OWL using existing or custom-built translators. In addition to RDF policies, the current policy engine can handle policies in OWL for implementing role-based access control, inference control, and social network analysis.