Robust access control framework for mobile cloud computing network

We propose a robust access control framework for a network that allows smart devices to connect to the internal network in order to enable seamless data sharing. Smart-device sensor data such as location, app usage patterns and unlock failures are considered for access control and data confidentiality. These sensor data and conventional static credentials are combined to develop a secure framework that verifies the user's access privileges at run time. The algorithm supports both access control and data confidentiality simultaneously. The algorithms are validated via simulation, and the results show that the performance is comparable with existing schemes. Existing schemes are thoroughly surveyed, and the differences between the proposed and existing schemes are clearly highlighted.

Unified communications has enabled seamless data sharing between multiple devices running on various platforms. Traditionally, organizations use local servers to store data, and employees access the data using desktops with predefined security policies. In the era of unified communications, employees exploit the advantages of smart devices and 4G wireless technology to access the data from anywhere at any time. Security protocols such as access control designed for the traditional setup are not sufficient when integrating mobile devices with an organization's internal network. Within this context, we exploit the features of smart devices to enhance the security of the traditional access control technique. Dynamic attributes in smart devices such as unlock failures, application usage, location and proximity of devices can be used to determine the risk level of an end-user. In this paper, we seamlessly incorporate the dynamic attributes into the conventional access control scheme. Inclusion of dynamic attributes provides an additional layer of security to the conventional access control. We demonstrate that the efficiency of the proposed algorithm is comparable to the efficiency of the conventional schemes.
