Multi-Tenant Access Control Model for Cloud Manufacturing

Cloud manufacturing is a new service-oriented networked manufacturing mode based on the concept of “Manufacture as a Service” and achieves the sharing of manufacturing resources and manufacturing capacity. Multi-tenancy technology can improve utilization efficiency of manufacturing resources and ensure information security among tenants, enabling users to share the cloud manufacturing resources better. To execute this new mode, isolation access and on-demand services are indispensable. However, the traditional access control model cannot satisfy the demands of multi-tenant environment on cloud manufacturing platform. To solve the demands in such an environment, a model named Multi-Tenant Access Control Model for Cloud Manufacturing (CM-MTAC) is proposed. Based on cloud manufacturing architecture, we build a hierarchical cloud manufacturing access control architecture combining multi-tenancy. Considering the demands under this condition, the elements of cloud manufacturing access control model and the relationships between them are redefined by extending the ABAC model. Then multi-tenancy authorization framework is proposed and XACML language is used to describe the policy to provide our model with on-demand service, isolation access and inter-tenant collaboration. Finally, we develop this model into the cloud manufacturing monitoring platform. Results show that our model, compared with traditional models, has a better performance of on-demand service, isolation access and inter-tenant cooperation under the environment of cloud manufacturing.