Naming Convention Scheme for Role Based Access Control in Cloud Based ERP Platforms

Multiple cloud computing users can use the same cloud service at the same time, so an access control mechanism is needed to ensure that no user can access the sensitive data of other users. Several access control models have been proposed for cloud computing. However, these models need to be efficient and scalable because of the increased workload (e.g., users, policies, etc.) in the cloud. This paper presents a role-based access control (RBAC) model for cloud computing based on the naming convention (NC) concept. The WSLA specification language is used to specify SLAs. A naming convention role-based access control (NC-RBAC) model is presented by modifying standard RBAC to support the NC. The proposed framework is then designed on top of NC-RBAC to simplify the administration of security in a large institution, where the large number of users makes controlling access to resources challenging. The proposed framework is implemented, and its efficiency and scalability are measured in an experimental study. The results show that the proposed framework provides efficient and scalable access control for cloud computing while giving administrators an efficient and simple search method for classifying cloud users.
