Trust-Based Access Control for Secure Cloud Computing

@inproceedings{Ray2014TrustBasedAC,
  title={Trust-Based Access Control for Secure Cloud Computing},
  author={Indrajit Ray and Indrakshi Ray},
  year={2014}
}
Multi-tenancy, elasticity and dynamicity pose several novel challenges for access control in a cloud environment. Accessing subjects may dynamically change, resources requiring protection may be created or modified, and subject access requirements to resources may change during the course of the application execution. Users may need to acquire different permissions from different administrative domains based on the services in cloud computing environment. Traditional identity-based access… 
Blacklisting and Forgiving Coarse-grained Access Control for Cloud Computing
TLDR
In this paper, the formal trust definition is introduced, which imports a novel method to provide the basis for granting access and a new Blacklisting and Forgiving Coarse-grained Access Control (BF-CAC) model has been proposed.
Enhanced Trust Based Access Control for Multi-Cloud Environment
TLDR
A trust-based access control model based on user and server characteristics in a multi-cloud environment to address the issue of integrity of cloud servers' integrity and is found to outperform other existing systems in aMulti- cloud environment.
A Novel Role-based Access Control Model in Cloud Environments
TLDR
A SAT-RBAC model (security and availability based trust relationship in RBAC) is proposed and adopts the following elements as the main factors of a trust relationship: the security state and network avail- ability of the host used by a user, the protection state of the service providers that are related to the role.
Survey on Access Control Mechanisms in Cloud Environments
TLDR
In this study, based on the security requirement, various attribute-based encryption schemes are exposed and distinct encipher projects are presented in a future enhancement in order to encrypt the documents/information more efficiently.
Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions
  • P. Sun
  • Computer Science
    IEEE Access
  • 2019
TLDR
This paper systematically review and analyze relevant research achievements of cloud computing privacy protection based on access control, attribute-based encryption (ABE), trust and reputation, and proposes a framework of privacy protection.
Dynamic Risk Access Control Model for Cloud Platform
TLDR
Experimental results show that CPDAC is effective and feasible; in addition, the model is better in real-time and dynamic than other existing models.
Multi-Factor Synthesis Decision-Making for Trust-Based Access Control on Cloud
TLDR
The trust notation can provide a creditable basis for access control decision-making for the resource pooling, dynamic, and multi-tenant cloud environment.
Cloud Computing and Security
TLDR
This paper proposes a framework for verifying the consistency of electronic record data based onfunctional dependency theory, and an example of verifying the data consistency based on functional dependency theory is given to check theData consistency of Electronic record periodically.
Reliable and secure low energy sensed spectrum communication for time critical cloud computing applications
Reliability and security of data transmission and access are of paramount importance to enhance the dependability of time critical remote monitoring systems (e.g. tele-monitoring patients,
Using a Novel Method for Trust Evaluation to Enhance ABAC Capabilities
  • M. ArastehS. Alizadeh
  • Computer Science
    2020 10th International Conference on Computer and Knowledge Engineering (ICCKE)
  • 2020
TLDR
The proposed model makes the final AC decision by the consideration of both ABAC’s result and the amount of trust, and is evaluated by the Fuzzy Inference System and Neural Networks.
...
...

References

SHOWING 1-10 OF 59 REFERENCES
A Trust-Based Context-Aware Access Control Model for Web-Services
TLDR
This paper proposes an extended, trust-enhanced version of the XML-based Role Based Access Control (X-RBAC) framework that incorporates trust and context into access control, and outlines the configuration mechanism needed to apply the model to the Web services environment, and provides a service access control specification.
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
TLDR
The TrustBAC model is proposed, which extends the conventional role based access control model with the notion of trust levels and incorporates the advantages of both the role basedAccess control model and credential basedaccess control models.
OAuth and ABE based authorization in semi-trusted cloud computing: aauth
TLDR
A new authorization scheme (AAuth) is proposed that builds on the OAuth standard by leveraging ciphertext-policy attribute based encryption and an ElGamal-like mask over the HTTP protocol to enable authorization by both authorities and owners and to move policy enforcement from clouds to destinations.
A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications
TLDR
This model is based on RBAC because it simplifies role management and is the de facto access control model for commercial organizations, however, unlike RBAC, it uses information from the environmental contexts to determine access decisions.
An Access Control Model for Ubiquitous Computing Application
TLDR
A trust based access control model to secure ubiquitous computing application is presented and the resource-constrained trust negotiation is addressed to establish initial trust for authenticating strangers.
LRBAC: A Location-Aware Role-Based Access Control Model
TLDR
This paper shows how the Role-Based Access Control (RBAC) model can be extended to incorporate the notion of location and how this location information can be used to determine whether a subject has access to a given object.
Role-Based Access Control
This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexity
Data leakage mitigation for discretionary access control in collaboration clouds
TLDR
A series of mechanisms to provide defense in depth against information leakage in SaaS collaboration systems are designed, allowing enterprises to encode their organizational security rules as mandatory access control policies, so as to impose coarse-grained restrictions on their employees' discretionary sharing decisions.
Design of a role-based trust-management framework
TLDR
The RT framework, a family of role-based trust management languages for representing policies and credentials in distributed authorization, is introduced, and the semantics of credentials are defined by presenting a translation from credentials to Datalog rules.
Privacy Preserving Access Control with Authentication for Securing Data in Clouds
  • S. RujM. StojmenovicA. Nayak
  • Computer Science
    2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
  • 2012
TLDR
In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user's identity before storing information, and the added feature of access control in which only valid users are able to decrypt the stored information.
...
...