Show simple item record

dc.contributor.authorZhang, Boyun
dc.date.accessioned2020-12-15 18:49:11 (GMT)
dc.date.available2020-12-15 18:49:11 (GMT)
dc.date.issued2020-12-15
dc.date.submitted2020-12-14
dc.identifier.urihttp://hdl.handle.net/10012/16553
dc.description.abstractThis thesis addresses Amazon Web Service (AWS) identity-based policies with "read", "write" and "execute" actions. AWS is a large provider of cloud computing, security is an important property that an application running in AWS must meet. Towards this, AWS provides users with their services, a powerful mechanism and associated syntax, to articulate identity-based policies which manages and grants permission to an identity includes the IAM user, group or role. The current design for AWS policy syntax requires the specification, by the owner of cloud application, of the actions that users or role can be allowed to execute. While file system with traditional UNIS permissions also manages resources in a manner similarly to AWS but with three actions only: "read", "write" and "execute". We propose a new syntax for AWS identity-based policy that all the possible actions are restricted to "read", "write" and "execute". We expect this new syntax will be more usable than the current design from the standpoint of ease and accuracy. We discuss the design and carry out a small-scale human participant study with 20 participants to validate this hypothesis. The result of study demonstrates that current specifying AWS policy helps AWS community developers easier to adhere least-privilege and brings users more convenience on access control.en
dc.language.isoenen
dc.publisherUniversity of Waterlooen
dc.subjectaccess controlen
dc.subjectAmazon Web Serviceen
dc.subjecttraditional UNIX permissionen
dc.subjectsecurityen
dc.titleAWS Identity-based Policies with "Read", "Write" and "Execute" Actionsen
dc.typeMaster Thesisen
dc.pendingfalse
uws-etd.degree.departmentElectrical and Computer Engineeringen
uws-etd.degree.disciplineElectrical and Computer Engineeringen
uws-etd.degree.grantorUniversity of Waterlooen
uws-etd.degreeMaster of Applied Scienceen
uws.contributor.advisorTripunitara, Mahesh
uws.contributor.affiliation1Faculty of Engineeringen
uws.published.cityWaterlooen
uws.published.countryCanadaen
uws.published.provinceOntarioen
uws.typeOfResourceTexten
uws.peerReviewStatusUnrevieweden
uws.scholarLevelGraduateen


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record


UWSpace

University of Waterloo Library
200 University Avenue West
Waterloo, Ontario, Canada N2L 3G1
519 888 4883

All items in UWSpace are protected by copyright, with all rights reserved.

DSpace software

Service outages