Proceedings Article, DOI: 10.1109/ICITST.2013.6750274
Access control in probative value Cloud
Mounira Msahli, Rached Abdeljaoued, Ahmed Serhrouchni +2 more
- 01 Dec 2013
- pp 607-611
5
TL;DR: This paper uses six entities proposed in the UCONABC: Object, Subject, Right, Authorization, oBligation and Condition to model the access control management in the gSafe project and presents the XML scheme containing metadata for stored files and users' access authorizations.
Abstract: Access control over large-scale distributed systems like Cloud computing is one of the most debated topics of computer security. Despite the common use and the popularity of the Cloud computing paradigm, significant risks and challenges are inherent to this new concept, especially when we talk about storage of sensitive data via an insecure network. In this paper we look at the problem of protecting data from unauthorized access to the Cloud in the context of the gSafe (government Safe) project. Indeed, the gSafe project defines essential basic units for a probative storage Cloud. The cornerstone of an efficient cloud security architecture is a well-written access control policy. In today's information technology, many models of access control have been proposed, like Mandatory Access Control (MAC), Discretionary Access Control (DAC), Role-Based Access Control (RBAC) and the latest one, Usage Control Authorization, oBligation and Condition (UCONABC). In this paper we use six entities proposed in UCONABC: Object, Subject, Right, Authorization, oBligation and Condition to model the access control management in the gSafe project. Then we present the XML scheme containing metadata for stored files and users' access authorizations. The proposed solution is validated and implemented over the Hadoop distributed file system.
Citations
Survey of access control models and technologies for cloud computing
TL;DR: This paper surveys access control models and policies in different application scenarios, especially for cloud computing, by following the development of the internet as the main line and by examining different network environments and user requirements.
75
Profile centric modelling
Mounira Msahli, Ahmed Serhrouchni +1 more
TL;DR: This paper presents the profile centric access control model, defined by the access profile which is the combination of authorisation, obligation and condition in order to resolve the implementation problem of UCONABC.
2
A Design of Cross-Realm Authentication Scheme in Openstack Based on Declaration
Yaping Chi, Yongning Qin, Shuhao Li, Gefei Li +3 more
- 01 Oct 2018
TL;DR: The cross-realm authentication scheme uses SAML protocol to exchange user identity information between different domains, which ensures versatility and security of the system and realizes seamlessly secure communication between different security domains.
1
Augmentation in UCON Access Control Model for E-Healthcare Domain
Manoj Kumar, Nidhi Joshi, Deepak Kumar +2 more
- 14 Jun 2018
TL;DR: This paper proposes an enhanced architecture of UCON model using cloud infrastructure that can scale effectively as per user demand, isolates sensitive and non-sensitive data, and ensures data transmission via secure network.
1
A Multi-Tenant Access Control Method Based on Environmental Attributes and Security Labels
Yubing Duan, Xiaolei Deng, Haosen Yang +2 more
- 23 Jun 2021
TL;DR: Wang et al., as mentioned in this paper, proposed a multi-tenant access control method based on environmental attributes and security labels, which can achieve fine-grained access control and more flexible access control granularity.
References
Role-based access control models
TL;DR: Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understand RBAC is described, and the use of RBAC to manage itself is discussed.
6.1K
Cloud computing: state-of-the-art and research challenges
Qi Zhang, Lu Cheng, Raouf Boutaba +2 more
TL;DR: A survey of cloud computing is presented, highlighting its key concepts, architectural principles, state-of-the-art implementation as well as research challenges to provide a better understanding of the design challenges of cloud computing and identify important research directions in this increasingly important area.
Protection in operating systems
TL;DR: A model of protection mechanisms in computing systems is presented and its appropriateness is argued and it can be shown that this problem is decidable, i.e. there is an algorithm to determine whether a system in a particular configuration is safe.
1.2K
The structure of the “THE”-multiprogramming system
TL;DR: A multiprogramming system is described in which all activities are divided over a number of sequential processes, in each of which one or more independent abstractions have been implemented.
1.2K
The UCONABC usage control model
Jaehong Park, Ravi Sandhu +1 more
TL;DR: This paper introduces the family of UCONABC models for usage control (UCON), which integrate Authorizations, oBligations, and Conditions (C), and addresses the essence of UCON, leaving administration, delegation, and other important but second-order issues for later work.