Trust-Based Access Control for Secure Cloud Computing

@inproceedings{Ray2014TrustBasedAC,
  title={Trust-Based Access Control for Secure Cloud Computing},
  author={Indrajit Ray and Indrakshi Ray},
  year={2014}
}
Multi-tenancy, elasticity and dynamicity pose several novel challenges for access control in a cloud environment. Accessing subjects may dynamically change, resources requiring protection may be created or modified, and subject access requirements to resources may change during the course of the application execution. Users may need to acquire different permissions from different administrative domains based on the services in cloud computing environment. Traditional identity-based access… Expand
A Novel Role-based Access Control Model in Cloud Environments
TLDR
A SAT-RBAC model (security and availability based trust relationship in RBAC) is proposed and adopts the following elements as the main factors of a trust relationship: the security state and network avail- ability of the host used by a user, the protection state of the service providers that are related to the role. Expand
Survey on Access Control Mechanisms in Cloud Environments
TLDR
In this study, based on the security requirement, various attribute-based encryption schemes are exposed and distinct encipher projects are presented in a future enhancement in order to encrypt the documents/information more efficiently. Expand
Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions
  • P. Sun
  • Computer Science
  • IEEE Access
  • 2019
TLDR
This paper systematically review and analyze relevant research achievements of cloud computing privacy protection based on access control, attribute-based encryption (ABE), trust and reputation, and proposes a framework of privacy protection. Expand
Dynamic Risk Access Control Model for Cloud Platform
TLDR
Experimental results show that CPDAC is effective and feasible; in addition, the model is better in real-time and dynamic than other existing models. Expand
Dynamic counter-measures for risk-based access control systems
TLDR
This paper proposes the adoption of dynamic counter-measures changing along time to face variations in the risk level of every resource, bringing two main benefits, namely: a suitable resource protection according to the risklevel and an access control system granting/denying access depending on the fulfillment of a set of security controls applicable in an authorization access request. Expand
Dynamic counter-measures for risk-based access control systems: An evolutive approach
TLDR
This paper proposes the adoption of dynamic counter-measures changing along time to face variations in the risk level of every resource, bringing two main benefits, namely: a suitable resource protection according to the risklevel and an access control system granting/denying access depending on the fulfillment of a set of security controls applicable in an authorization access request. Expand
Research on cloud computing service based on trust access control
TLDR
A trust access control model for cloud services is constructed and a trust evaluation method based on direct trust, trust risk, feedback trust, reward penalty, and obligation trust to express the complexity and uncertainty of trust relationship is proposed. Expand
Control Based on FCE of User Behavior in Cloud Environment
In a complex dynamic cloud computing environment, both analyses of abnormal behavior of users and confirming incredible users are effective security measures. Fuzzy mathematics is used to reflect theExpand
Using a Novel Method for Trust Evaluation to Enhance ABAC Capabilities
  • M. Arasteh, S. Alizadeh
  • 2020 10th International Conference on Computer and Knowledge Engineering (ICCKE)
  • 2020
Access control is a security mechanism that prevents unauthorized access to sensitive resources. Attribute-Based Access Control model (ABAC) makes decisions by the considerations of subjects’Expand
Multi-Factor Synthesis Decision-Making for Trust-Based Access Control on Cloud
TLDR
The trust notation can provide a creditable basis for access control decision-making for the resource pooling, dynamic, and multi-tenant cloud environment. Expand
...
1
2
...

References

SHOWING 1-10 OF 59 REFERENCES
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
TLDR
The TrustBAC model is proposed, which extends the conventional role based access control model with the notion of trust levels and incorporates the advantages of both the role basedAccess control model and credential basedaccess control models. Expand
OAuth and ABE based authorization in semi-trusted cloud computing: aauth
In cloud computing, inter-operations between data-storage and web-application providers can protect users from locking their data and applications into a single cloud provider. Currently, web-basedExpand
A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications
TLDR
This model is based on RBAC because it simplifies role management and is the de facto access control model for commercial organizations, however, unlike RBAC, it uses information from the environmental contexts to determine access decisions. Expand
An Access Control Model for Ubiquitous Computing Application
TLDR
A trust based access control model to secure ubiquitous computing application is presented and the resource-constrained trust negotiation is addressed to establish initial trust for authenticating strangers. Expand
LRBAC: A Location-Aware Role-Based Access Control Model
TLDR
This paper shows how the Role-Based Access Control (RBAC) model can be extended to incorporate the notion of location and how this location information can be used to determine whether a subject has access to a given object. Expand
Role-Based Access Control
This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexityExpand
Data leakage mitigation for discretionary access control in collaboration clouds
TLDR
A series of mechanisms to provide defense in depth against information leakage in SaaS collaboration systems are designed, allowing enterprises to encode their organizational security rules as mandatory access control policies, so as to impose coarse-grained restrictions on their employees' discretionary sharing decisions. Expand
Design of a role-based trust-management framework
TLDR
The RT framework, a family of role-based trust management languages for representing policies and credentials in distributed authorization, is introduced, and the semantics of credentials are defined by presenting a translation from credentials to Datalog rules. Expand
Privacy Preserving Access Control with Authentication for Securing Data in Clouds
  • S. Ruj, M. Stojmenovic, A. Nayak
  • Computer Science
  • 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
  • 2012
TLDR
In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user's identity before storing information, and the added feature of access control in which only valid users are able to decrypt the stored information. Expand
A generalized temporal role-based access control model
TLDR
This work proposes a generalized temporal role-based access control (GTRBAC) model capable of expressing a wider range of temporal constraints and allows expressing periodic as well as duration constraints on roles, user-role assignments, and role-permission assignments. Expand
...
1
2
3
4
5
...