Access Control in Cloud Computing

Data sharing as one of the most popular service applications in cloud computing has received wide attention, which makes the consumers achieve the shared contents whenever and wherever possible. However, the new paradigm of data sharing will also introduce some security issues while it provides much convenience. The data confidentiality, the privacy security, the user key accountability, and the efficiency are hindering its rapid expansion. An effective and secure access control mechanism is becoming one way to deal with this dilemma. In this chapter, the authors focus on presenting a detailed review on the existing access control mechanisms. Then, they explore some potential research issues for the further development of more comprehensive and secure access control schemes. Finally, the authors expect that the topic of access control in cloud computing will attract much more attention from academia and industry.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Zhen Liu,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Any Monotone Access Structures , 2013, IEEE Transactions on Information Forensics and Security.

[3]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[4]  Mike Thelwall,et al.  Handbook of Research on Web Log Analysis , 2009, J. Assoc. Inf. Sci. Technol..

[5]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[6]  Amanda Spink,et al.  Web Log Analysis: Diversity of Research Methodologies , 2009 .

[7]  Rodrigo Bonacin,et al.  Ontology Mapping Validation: Dealing with an NP-Complete Problem , 2011, Int. J. Web Portals.

[8]  Hovav Shacham,et al.  SiRiUS: Securing Remote Untrusted Storage , 2003, NDSS.

[9]  Hemraj Saini,et al.  Class Level Test Case Generation in Object Oriented Software Testing , 2008, Int. J. Inf. Technol. Web Eng..

[10]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .

[11]  Barrie Sosinsky,et al.  Cloud Computing Bible , 2010 .

[12]  Yang Tang,et al.  Secure Overlay Cloud Storage with Access Control and Assured Deletion , 2012, IEEE Transactions on Dependable and Secure Computing.

[13]  Arthur Tatnall Web Technologies: Concepts, Methodologies, Tools and Applications , 2010 .

[14]  Hideki Imai,et al.  Conjunctive Broadcast and Attribute-Based Encryption , 2009, Pairing.

[15]  Yi Mu,et al.  Privacy-Preserved Access Control for Cloud Computing , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[16]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[17]  Sushmita Ruj,et al.  Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds , 2014, IEEE Transactions on Parallel and Distributed Systems.

[18]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[19]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[20]  M V Patil,et al.  HASBE: A HIERARCHICAL ATTRIBUTE-BASED SOLUTION FOR FLEXIBLE AND SCALABLE ACCESS CONTROL IN CLOUD COMPUTING , 2006 .

[21]  Marino Segnan Web Data Management Practices - Emerging Techniques and Technologies , 2007, Comput. J..

[22]  Abdul Raouf Khan,et al.  ACCESS CONTROL IN CLOUD COMPUTING ENVIRONMENT , 2012 .

[23]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[24]  Jin Li,et al.  Privacy-Aware Attribute-Based Encryption with User Accountability , 2009, ISC.

[25]  Gail-Joon Ahn,et al.  Towards temporal access control in cloud computing , 2012, 2012 Proceedings IEEE INFOCOM.

[26]  Xiaohua Jia,et al.  DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems , 2013, IEEE Transactions on Information Forensics and Security.

[27]  Yuqing Zhang,et al.  Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud , 2013, IEEE Transactions on Parallel and Distributed Systems.

[28]  Min YoungGi,et al.  Cloud Computing Security Issues and Access Control Solutions , 2012 .

[29]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[30]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[31]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[32]  David Taniar,et al.  Mining Association Rules from XML Documents , 2007 .

[33]  Shane Walker,et al.  Whose Questionnaire is It, Anyway? , 2009, Int. J. Inf. Technol. Web Eng..

[34]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[35]  Hing Kai Chan Web Portal Design, Implementation, Integration and Optimization , 2014 .

[36]  Jin Li,et al.  A2BE: Accountable Attribute-Based Encryption for Abuse Free Access Control , 2009, IACR Cryptol. ePrint Arch..

[37]  Sikha Bagui,et al.  Modeling Service Data Objects (SDOs) to the Entity-Relationship (ER) Model , 2012, Int. J. Inf. Technol. Web Eng..

[38]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[39]  Dongqing Xie,et al.  Multi-authority ciphertext-policy attribute-based encryption with accountability , 2011, ASIACCS '11.

[40]  Xiang-Yang Li,et al.  Privacy preserving cloud data access with multi-authorities , 2012, 2013 Proceedings IEEE INFOCOM.

[41]  Zhen Liu,et al.  Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on ebay , 2013, CCS.

[42]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[43]  Xinwen Zhang,et al.  CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud , 2012, ASIACCS '12.

[44]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[45]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.