Hierarchical Secure Information and Resource Sharing in OpenStack Community Cloud

Community clouds provide efficient and secure environments for organizations with similar organization structures or business models to host their systems. Since threat analysis and incident response infrastructure and resources can be rapidly shared on a community cloud, the participating organizations save time and cost in handling cyber incidents. Unfortunately, contemporary cloud platforms are lacking a widely accepted access control model for secure information and resource sharing. Following the recent innovation of Hierarchical Multitenancy in OpenStack community, we propose a hierarchical secure information and resource sharing model in the context of an OpenStack community cloud. Our model enables secure and effective management of information sharing in a community cloud for both routine and cyber incident response needs. We believe this model is applicable in community clouds beyond OpenStack as well.