Ontology Centric Access Control Mechanism for Enabling Data Protection in Cloud

Background: Cloud computing provides access to a large scale of resources. Access control is the indispensable requirement for protecting cloud resource. A cloud service provider is responsible for enforcing access control and they normally rely upon conventional access control mechanisms. Methods: These access control policies, consider the access control primitives in separation which may lead to abuse of access control. These aforesaid problems motivated our research to center around the provision of access control by considering the association among the three access control primitives namely the user making access request, resource upon which access is requested and operation performed by the user on the resource. Hence Ontology Centric Access Control (OCAC) is being proposed in this paper. Findings: This OCAC circulates authorization rules among the primitives of access control say subject, object and action by reducing the various associations among the associations among the access control elements; it is observed that there is less chance for security violation. Ontology is used since it reduces the times of agreement while exchanging the authorization policies across the security domains. For reducing the number of statements and rules in policy base, subsumption property is used. This reduces the space and time complexity. Applications/Improvements: We are applying our work to protect bank data as banks are embracing clouds to store huge data by cutting their IT costs.

[1]  Muttukrishnan Rajarajan,et al.  Secure data access in cloud computing , 2010, 2010 IEEE 4th International Conference on Internet Multimedia Services Architecture and Application.

[2]  Kai Zhao,et al.  Towards an Approach of Semantic Access Control for Cloud Computing , 2009, CloudCom.

[3]  Hong Sun,et al.  Role-based Access Control Using Ontology in Cloud Storage , 2014 .

[4]  Marcos A. Simplício,et al.  A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing , 2011, CloudCom.

[5]  S. Vigneshwari,et al.  Social Information Retrieval Based on Semantic Annotation and Hashing upon the Multiple Ontologies , 2015 .

[6]  Vincent C. Hu,et al.  Security policy verification for multi-domains in cloud systems , 2014, International Journal of Information Security.

[7]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[8]  Nai-Wei Lo,et al.  An Attribute-Role Based Access Control Mechanism for Multi-tenancy Cloud Environment , 2015, Wirel. Pers. Commun..

[9]  Junho Choi,et al.  Ontology-based access control model for security policy reasoning in cloud computing , 2013, The Journal of Supercomputing.

[10]  Gail-Joon Ahn,et al.  Discovery and Resolution of Anomalies in Web Access Control Policies , 2013, IEEE Transactions on Dependable and Secure Computing.

[11]  Chen Wei Access control security model based on behavior in cloud computing environment , 2012 .

[12]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[13]  Eduardo B. Fernández,et al.  An analysis of security issues for cloud computing , 2013, Journal of Internet Services and Applications.

[14]  Martin Gilje Jaatun,et al.  Beyond lightning: A survey on security challenges in cloud computing , 2013, Comput. Electr. Eng..

[15]  Junho Choi,et al.  A Design of Onto-ACM(Ontology based Access Control Model) in Cloud Computing Environments , 2012, J. Internet Serv. Inf. Secur..

[16]  Lifa Wu,et al.  Context-Aware Access Control Model for Cloud Computing , 2013 .

[17]  Yuh-Jong Hu,et al.  Semantics-enabled Policies for Super-Peer Data Integration and Protection , 2012, Int. J. Comput. Sci. Appl..

[18]  Yu Guo,et al.  Multi-Tenancy Based Access Control in Cloud , 2010, 2010 International Conference on Computational Intelligence and Software Engineering.

[19]  David M. Nicol,et al.  Trust mechanisms for cloud computing , 2013, Journal of Cloud Computing: Advances, Systems and Applications.

[20]  Marcos A. Simplício,et al.  A quantitative analysis of current security concerns and solutions for cloud computing , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[21]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.