Trust-Based Access Control for Secure Cloud Computing
@inproceedings{Ray2014TrustBasedAC, title={Trust-Based Access Control for Secure Cloud Computing}, author={Indrajit Ray and Indrakshi Ray}, year={2014} }
Multi-tenancy, elasticity and dynamicity pose several novel challenges for access control in a cloud environment. Accessing subjects may dynamically change, resources requiring protection may be created or modified, and subject access requirements to resources may change during the course of the application execution. Users may need to acquire different permissions from different administrative domains based on the services in cloud computing environment. Traditional identity-based access…
13 Citations
Blacklisting and Forgiving Coarse-grained Access Control for Cloud Computing
- Computer Science
- 2016
In this paper, the formal trust definition is introduced, which imports a novel method to provide the basis for granting access and a new Blacklisting and Forgiving Coarse-grained Access Control (BF-CAC) model has been proposed.
Enhanced Trust Based Access Control for Multi-Cloud Environment
- Computer Science
- 2021
A trust-based access control model based on user and server characteristics in a multi-cloud environment to address the issue of integrity of cloud servers' integrity and is found to outperform other existing systems in aMulti- cloud environment.
A Novel Role-based Access Control Model in Cloud Environments
- Computer ScienceInt. J. Comput. Intell. Syst.
- 2016
A SAT-RBAC model (security and availability based trust relationship in RBAC) is proposed and adopts the following elements as the main factors of a trust relationship: the security state and network avail- ability of the host used by a user, the protection state of the service providers that are related to the role.
Survey on Access Control Mechanisms in Cloud Environments
- Computer Science
- 2019
In this study, based on the security requirement, various attribute-based encryption schemes are exposed and distinct encipher projects are presented in a future enhancement in order to encrypt the documents/information more efficiently.
Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions
- Computer ScienceIEEE Access
- 2019
This paper systematically review and analyze relevant research achievements of cloud computing privacy protection based on access control, attribute-based encryption (ABE), trust and reputation, and proposes a framework of privacy protection.
Dynamic Risk Access Control Model for Cloud Platform
- Computer ScienceICCCS
- 2018
Experimental results show that CPDAC is effective and feasible; in addition, the model is better in real-time and dynamic than other existing models.
Multi-Factor Synthesis Decision-Making for Trust-Based Access Control on Cloud
- Computer ScienceInt. J. Cooperative Inf. Syst.
- 2017
The trust notation can provide a creditable basis for access control decision-making for the resource pooling, dynamic, and multi-tenant cloud environment.
Cloud Computing and Security
- Computer ScienceLecture Notes in Computer Science
- 2018
This paper proposes a framework for verifying the consistency of electronic record data based onfunctional dependency theory, and an example of verifying the data consistency based on functional dependency theory is given to check theData consistency of Electronic record periodically.
Reliable and secure low energy sensed spectrum communication for time critical cloud computing applications
- Computer Science
- 2017
Reliability and security of data transmission and access are of paramount importance to enhance the dependability of time critical remote monitoring systems (e.g. tele-monitoring patients,…
Using a Novel Method for Trust Evaluation to Enhance ABAC Capabilities
- Computer Science2020 10th International Conference on Computer and Knowledge Engineering (ICCKE)
- 2020
The proposed model makes the final AC decision by the consideration of both ABAC’s result and the amount of trust, and is evaluated by the Fuzzy Inference System and Neural Networks.
References
SHOWING 1-10 OF 59 REFERENCES
A Trust-Based Context-Aware Access Control Model for Web-Services
- Computer ScienceProceedings. IEEE International Conference on Web Services, 2004.
- 2004
This paper proposes an extended, trust-enhanced version of the XML-based Role Based Access Control (X-RBAC) framework that incorporates trust and context into access control, and outlines the configuration mechanism needed to apply the model to the Web services environment, and provides a service access control specification.
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
- Computer ScienceSACMAT '06
- 2006
The TrustBAC model is proposed, which extends the conventional role based access control model with the notion of trust levels and incorporates the advantages of both the role basedAccess control model and credential basedaccess control models.
OAuth and ABE based authorization in semi-trusted cloud computing: aauth
- Computer ScienceDataCloud-SC '11
- 2011
A new authorization scheme (AAuth) is proposed that builds on the OAuth standard by leveraging ciphertext-policy attribute based encryption and an ElGamal-like mask over the HTTP protocol to enable authorization by both authorities and owners and to move policy enforcement from clouds to destinations.
A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications
- Computer ScienceTrustBus
- 2008
This model is based on RBAC because it simplifies role management and is the de facto access control model for commercial organizations, however, unlike RBAC, it uses information from the environmental contexts to determine access decisions.
An Access Control Model for Ubiquitous Computing Application
- Computer Science2005 2nd Asia Pacific Conference on Mobile Technology, Applications and Systems
- 2005
A trust based access control model to secure ubiquitous computing application is presented and the resource-constrained trust negotiation is addressed to establish initial trust for authenticating strangers.
LRBAC: A Location-Aware Role-Based Access Control Model
- Computer ScienceICISS
- 2006
This paper shows how the Role-Based Access Control (RBAC) model can be extended to incorporate the notion of location and how this location information can be used to determine whether a subject has access to a given object.
Role-Based Access Control
- Computer ScienceEncyclopedia of Cryptography and Security
- 2011
This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexity…
Data leakage mitigation for discretionary access control in collaboration clouds
- Computer ScienceSACMAT '11
- 2011
A series of mechanisms to provide defense in depth against information leakage in SaaS collaboration systems are designed, allowing enterprises to encode their organizational security rules as mandatory access control policies, so as to impose coarse-grained restrictions on their employees' discretionary sharing decisions.
Design of a role-based trust-management framework
- Computer ScienceProceedings 2002 IEEE Symposium on Security and Privacy
- 2002
The RT framework, a family of role-based trust management languages for representing policies and credentials in distributed authorization, is introduced, and the semantics of credentials are defined by presenting a translation from credentials to Datalog rules.
Privacy Preserving Access Control with Authentication for Securing Data in Clouds
- Computer Science2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
- 2012
In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user's identity before storing information, and the added feature of access control in which only valid users are able to decrypt the stored information.