Digital Communications and Networks (Feb 2020)

A multi-layered policy generation and management engine for semantic policy mapping in clouds

  • Faraz Fatemi Moghaddam,
  • Philipp Wieder,
  • Ramin Yahyapour

Journal volume & issue
Vol. 6, no. 1
pp. 38 – 50

Abstract

Read online

The long awaited cloud computing concept is a reality now due to the transformation of computer generations. However, security challenges have become the biggest obstacles for the advancement of this emerging technology. A well-established policy framework is defined in this paper to generate security policies which are compliant to requirements and capabilities. Moreover, a federated policy management schema is introduced based on the policy definition framework and a multi-level policy application to create and manage virtual clusters with identical or common security levels. The proposed model consists in the design of a well-established ontology according to security mechanisms, a procedure which classifies nodes with common policies into virtual clusters, a policy engine to enhance the process of mapping requests to a specific node as well as an associated cluster and matchmaker engine to eliminate inessential mapping processes. The suggested model has been evaluated according to performance and security parameters to prove the efficiency and reliability of this multi-layered engine in cloud computing environments during policy definition, application and mapping procedures. Keywords: Cloud computing, Security, Security management, Policy management, Access control, Policy mapping