Abstract
Cloud storage systems typically provide access control based on access control lists (ACLs) and role-based access control (RBAC) models. While delegation of user identity is now common, new use cases and regulatory environments require approaches that extend beyond these traditional user- and group-identity-based models and are instead based on the characteristics of the object itself. This presentation provides an overview of pluggable access control providers in CDMI, including domain-granular access control delegation, visibility access control, and metadata-granular access control. Examples from medical and data privacy use cases will also be provided.
Learning Objectives:
1. Understand how access control fits into cloud storage data access
2. Understand how access control delegation works in CDMI
3. Understand how access control can apply to container listings and metadata
4. Understand use cases where extended access control is needed