Policy Management Engine (PME): A policy-based schema to classify and manage sensitive data in cloud storages

Abstract

One of the most challenging information-policy issues in cloud computing environments is providing an appropriate level of security for data stored in cloud storage. Each individual cloud customer needs to be granted reliable security level(s) based on the details defined in the SLA. The main aim of this paper is to propose a multi-level policy-based schema to classify and manage data in cloud storage based on its sensitivity and confidentiality, in order to enhance reliability in cloud computing environments. Furthermore, an efficient algorithm is introduced to ensure the accuracy and authenticity of applying and managing the defined policies according to the capabilities of cloud providers and the requirements of cloud customers. The most important characteristic of this model is the syntactic and semantic analysis of requested policies by a validity engine, which provides a reliable mapping between security mechanisms and requested policies. Moreover, a Policy Match Gate and a Policy Checkpoint are introduced to ensure that policies are applied to all stored data according to the policies defined in the Security Level Certificate.
