Abstract
Secure storage of data in the cloud has seen increasing development in recent times. The role-based access control (RBAC) model, a widely used access control model, can provide a flexible way for data owners to manage and share their data in the cloud environment. To enforce access control policies in the cloud, several cryptographic RBAC schemes have been proposed recently, which integrate cryptographic techniques with RBAC models to secure data storage in an outsourced environment such as a cloud. However, these schemes do not address the issue of trust in such a data storage system. In this paper, we introduce a trust management framework which can enhance the security of data in cloud storage systems using cryptographic RBAC schemes. The trust management framework provides an approach for each party in such a cloud storage system to determine the trustworthiness of other parties. The framework consists of a series of trust models, which (i) enable the users and the data owners to decide whether to interact with a particular role for accessing and sharing data in the system and (ii) allow the role managers to evaluate the trustworthiness of users and data owners. These trust models take into account role inheritance and hierarchy in the evaluation of the trustworthiness of the roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust models for users and roles can be integrated into a system that uses cryptographic RBAC schemes.
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhou, L., Varadharajan, V., Hitchens, M. (2014). A Trust Management Framework for Secure Cloud Data Storage Using Cryptographic Role-Based Access Control. In: Obaidat, M., Filipe, J. (eds) E-Business and Telecommunications. ICETE 2013. Communications in Computer and Information Science, vol 456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44788-8_14
DOI: https://doi.org/10.1007/978-3-662-44788-8_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44787-1
Online ISBN: 978-3-662-44788-8
eBook Packages: Computer Science, Computer Science (R0)