Toward a New Extension of the Access Control Model ABAC for Cloud Computing
Cloud computing is the new technology in open and distributed systems, recently adopted by many IT companies and business organizations. In such systems, there are usually a large number of users in different domains having their own policies, which make many problems arise as degradation or loss of information access control, theft or unauthorized use of information, as well as quality of services problems, traceability and accountability. Data access using various resources requires a user authentication, access control model for integrated management and control in cloud computing environments. The traditional access control models that are identity based are closed and inflexible. In this paper we present an overview of access control models with comparative and analysis to retrieve a suitable model for such environment. An extended Attribute based Access Control (ABAC) model is proposed by introducing the concept of privacy aware to retrieve a new efficient advanced model that can provide a more flexible, privacy and integrity model.
KeywordsCloud computing Security Access control model Privacy aware
Unable to display preview. Download preview PDF.
- 3.Kiyomoto, S., Fukushima, K., Miyake, Y.: Towards secure cloud computing architecture—a solution based on software protection mechanism. J. Internet Serv. Inf. Secur. 1(1), 4–17 (2011)Google Scholar
- 4.Pieters, W.: Representing humans in system security models: an actor-network approach. J. Wirel. Mobile Netw. Ubiquitous Comput. Depend. Appl. 2(1), 75–92 (2011)Google Scholar
- 6.Li, X., He, J.: A user-centric method for data privacy protection in cloud computing. In: 2011 International Conference on Computer, Electrical, and Systems Sciences and Engineering, pp. 355–358 (2011)Google Scholar
- 7.Faraji, M.S.: Identity and Access Management in Multi-tier Cloud Infrastructure, thesis (2013)Google Scholar
- 8.Karp, A.H., Haury, H., Davis, M.H.: From ABAC to ZBAC: The Evolution of Access Control Models. HP Laboratories-2009-30Google Scholar
- 13.Kalajainen, T.: An access control model in a semantic data structure: case process modelling of a bleaching line. Department of Computer Science and Engineering (2007)Google Scholar
- 14.Nabeel Tahir, M.: C-RBAC: Contextual role-based access control model. Ubiquitous Comput. Commun. J. 2(3), 67–74 (2007)Google Scholar
- 17.Stermsek, G., Stremmbeck, M., Neumann, G.: Using Subject- and Object-specific Attrubutes for Access Control in Web-based Knowledge Management SystemGoogle Scholar
- 18.Ubale, S.A., Apte, S.S.: Comparison of ACL Based Security Models for securing resources for Windows operating system. IJSHRE 2(6), 63Google Scholar
- 19.Punithasurya, K., Jeba Priya, S.: Analysis of Different Access Control Mechanism in Cloud. International Journal of Applied Information Systems (IJAIS) 4(2) September 2012. ISSN: 2249-0868 Foundation of Computer Science FCS, New York, USAGoogle Scholar
Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (http://creativecommons.org/licenses/by-nc/2.5/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.