Saranyu: Using Smart Contracts and Blockchain for Cloud Tenant Management

While blockchains and smart contracts are primarily known for their use as the technologies underlying cryptocurrencies like Bitcoin and Ethereum, these technologies also have applicability in other areas. In this paper, we present an application of smart contracts running on a permissioned distributed ledger (essentially a private blockchain where only credentialed participants are allowed to read and write) to managing tenant and service accounts in a cloud computing data center. The system is called Saranyu and it supports four services: identity management, authentication, authorization, and charging. Identity management and authentication are handled using client-generated public/private key pairs in the usual fashion. Authorization is handled as a contract from a grantee of service access rights to a recipient which is a tenant or other service. Charging is supported by Saranyu integration with payment gateways for payments related to service resource usage. We describe an implementation of Saranyu on top of the Quorum blockchain system. We believe the security, non-repudiation, tamper-resistance, and easy transaction history access brought by blockchain technology will increase transparency and trust in cloud tenant and service management and that the fundamentally distributed nature of the blockchain will make Saranyu an excellent match with developing distributed cloud architectures.