Resource-centric Dynamic Access Control in Cloud

More and more people prefer to obtain information from cloud. Different users tend to access different resources they interested at anytime across different networks by a variety of equipments. As same as the traditional management of file, the lifecycle theory is still suitable the electronic data in cloud computing. Firstly, we analyze the motivation of access control in cloud, and summarize the security requirements for the data management in the whole lifecycle. Second, we propose a resource-centric dynamic adaptive access control model (RCDA), which is extended from the action-based access control (ABAC). RCDA is able to describe other access control models through the way of customization. Furthermore, we give the scheme for implementation of RCDA. Finally, we make the comparisons between the RCDA and other existing models, and the results indicate that RCDA is able to satisfy the security requirements for the whole lifecycle of data by adaptively adjusting the access control policies.

[1]  Liu Peng,et al.  Research and Implementation of an Extended Administrative Role-Based Access Control Model , 2005 .

[2]  Fenghua Li,et al.  An Action-Based Fine-Grained Access Control Mechanism for Structured Documents and Its Application , 2014, TheScientificWorldJournal.

[3]  Li Li,et al.  An Action Based Access Control Model for Multi-level Security , 2012 .

[4]  M. Auxilia,et al.  A semantic-based access control for ensuring data security in cloud computing , 2012, 2012 International Conference on Radar, Communication and Computing (ICRCC).

[5]  Liang Xiao-yan Action-Based Access Control Model and Administration of Actions , 2008 .

[6]  Ma Jian-feng,et al.  Research Status and Development Trends of Access Control Model , 2012 .

[7]  Vijay Karamcheti,et al.  dRBAC: distributed role-based access control for dynamic coalition environments , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[8]  Zhusong Liu A Secure Anonymous Identity-Based Access Control over Cloud Data , 2013, 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies.

[9]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[10]  Jin Tong,et al.  Attributed based access control (ABAC) for Web services , 2005, IEEE International Conference on Web Services (ICWS'05).

[11]  Hui Li,et al.  PPAS: privacy protection authentication scheme for VANET , 2013, Cluster Computing.

[12]  Gail-Joon Ahn,et al.  Towards temporal access control in cloud computing , 2012, 2012 Proceedings IEEE INFOCOM.

[13]  Nora Cuppens-Boulahia,et al.  Privacy query rewriting algorithm instrumented by a privacy-aware access control model , 2014, Ann. des Télécommunications.

[14]  Abdul Ghafoor,et al.  User Centric Access control policy management framework for Cloud applications , 2013, 2013 2nd National Conference on Information Assurance (NCIA).

[15]  Ma Ju Multi-User Access Control Scheme Based on Resources Hierarchies for Perceptual Layer of IoT , 2014 .

[16]  Xiong Jinbo,et al.  Action-Based Multilevel Access Control for Structured Document , 2013 .

[17]  Liu Hong-Yue,et al.  A Context-Aware Fine-Grained Access Control Model , 2012, 2012 International Conference on Computer Science and Service System.

[18]  Xin Jin,et al.  A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC , 2012, DBSec.

[19]  Edward J. Coyne,et al.  ABAC and RBAC: Scalable, Flexible, and Auditable Access Management , 2013, IT Professional.

[20]  王豐堅,et al.  一個在工作流程系統管理系統中基於Task-Role-Based Access Control Model的代理程序框架 , 2007 .

[21]  R. Ciupa,et al.  International Conference , 2023, In Vitro Cellular & Developmental Biology - Animal.