Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy

ABSTRACT Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.

[1]  Imad M. Abbadi Clouds' Infrastructure Taxonomy, Properties, and Management Services , 2011, ACC.

[2]  J. Michael Spivey,et al.  The Z notation - a reference manual , 1992, Prentice Hall International Series in Computer Science.

[3]  Kuo-Sen Chou,et al.  A practical Chinese wall security model in cloud computing , 2011, 2011 13th Asia-Pacific Network Operations and Management Symposium.

[4]  Chuchang Liu,et al.  Access Control Models and Security Labelling , 2007, ACSC.

[5]  K. Chandra Sekaran,et al.  Securing cloud workflows using Aggressive Chinese Wall Security Policy , 2014, 2014 First International Conference on Networks & Soft Computing (ICNSC2014).

[6]  Vijay Kumar Chaurasiya,et al.  Implementation of Chinese wall model in cloud computing for enhanced security , 2011 .

[7]  Wei Tan,et al.  SLA-based optimisation of virtualised resource for multi-tier web applications in cloud data centres , 2015, Enterp. Inf. Syst..

[8]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[9]  Hongming Cai,et al.  The design of an m-Health monitoring system based on a cloud computing platform , 2017, Enterp. Inf. Syst..

[10]  Victor I. Chang,et al.  A Categorisation of Cloud Computing Business Models , 2010, 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing.

[11]  Huaqun Wang,et al.  Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud , 2016, IEEE Transactions on Information Forensics and Security.

[12]  Chi-Lun Liu Cloud service access control system based on ontologies , 2014, Adv. Eng. Softw..

[13]  Madjid Merabti,et al.  An access control model for cloud computing , 2014, J. Inf. Secur. Appl..

[14]  Jie Wu,et al.  Time-based proxy re-encryption scheme for secure data sharing in a cloud environment , 2014, Inf. Sci..

[15]  Rajkumar Buyya,et al.  SLA-Based Resource Allocation for Software as a Service Provider (SaaS) in Cloud Computing Environments , 2011, 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing.

[16]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[17]  Indrakshi Ray,et al.  Auditing Requirements for Implementing the Chinese Wall Model in the Service Cloud , 2013, 2013 IEEE Ninth World Congress on Services.

[18]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[19]  Cheng Wang,et al.  Applications integration in a hybrid cloud computing environment: modelling and platform , 2013, Enterp. Inf. Syst..

[20]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[21]  Abhishek Majumder,et al.  Taxonomy and Classification of Access Control Models for Cloud Environments , 2014 .

[22]  Yang Luo,et al.  Sift - An Efficient Method for Co-residency Detection on Amazon EC2 , 2016, ICISSP.

[23]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[24]  Hhs Centers for Medicare Medicare Services Health insurance reform: security standards. Final rule. , 2003, Federal register.