IEEE Access (Jan 2024)
A Hierarchical Namespace Approach for Multi-Tenancy in Distributed Clouds
Abstract
The micro cloud model offers cloud behavior at the edge of the network. It allows dynamic organization of the resources, closer to the users and the data. One of the crucial problems to solve is to design a proper cloud model at the edge of the network and offer cloud services that support multi-tenancy. This cloud property is a governing mechanism to lower cloud costs. It is essential for the scalability of both public and private clouds due to the utilization of shared resources and the logical separation of tenants. This paper presents the model for the creation of virtual clouds (vClouds) on physical infrastructure using a hierarchy of namespaces, with proper organization and redistribution of resources such as CPU, RAM, and storage, while preserving logical isolation between vClouds, thus creating a multi-tenant system. The presented model guarantees accurate resource redistribution through graph transformations to model operations, while the proposed protocols ensure correctness by employing multiparty session types for modeling. We extend the secure computing mode to establish an isolated system, allowing sandboxing rules for every namespace and creating hierarchies of security profiles. This advancement enables our model to inherit parent security profiles fully, extend them by adding child-specific elements, or redefine and create entirely new ones. Furthermore, the users can switch context, meaning they can change vCloud or the namespace they operate on.
Keywords