An Attribute-Role Based Access Control Mechanism for Multi-tenancy Cloud Environment

Because of the rapid development of software technology, many enterprises require higher-performance hardware to enhance their competitiveness. Cloud computing is the result of distributed computing and grid computing, and is gradually being seen as the future solution for companies. Cloud computing can virtualize existing software and hardware to reduce costs. Thus, enterprises only require high Internet bandwidth and devices to access cloud services on the Internet. This would decrease many overhead costs and reduce IT staffing requirements. A cloud environment provider lets many companies rent a cloud service simultaneously in the provider's cloud; this technology is called multi-tenancy cloud service. However, how to access resources safely is an important issue for users who want to adopt multi-tenancy cloud computing technology. The cloud computing environment is vulnerable to network-related attacks. This research uses the concept of the role-based access control authorization mechanism and combines it with attribute-based access control to determine which tenant a user can access. The enhanced authorization mechanism can improve the safety of cloud computing services and keep data secret.
