A Trust Management Framework for Secure Cloud Data Storage Using Cryptographic Role-Based Access Control

In recent times, there has been increasing development in storing data securely in the cloud. The role-based access control (RBAC) model, a widely used access control model, can provide a flexible way for data owners to manage and share their data in the cloud environment. To enforce access control policies in the cloud, several cryptographic RBAC schemes have been proposed recently, which integrate cryptographic techniques with RBAC models to secure data storage in an outsourced environment such as a cloud. However, these schemes do not address the issue of trust in such a data storage system. In this paper, we introduce a trust management framework which can enhance the security of data in cloud storage systems using cryptographic RBAC schemes. The trust management framework provides an approach for each party in such a cloud storage system to determine the trustworthiness of other parties. The framework consists of a series of trust models, which (i) enable the users and the data owners to decide whether to interact with a particular role for accessing and sharing data in the system and (ii) allow the role managers to evaluate the trustworthiness of users and data owners. These trust models take into account role inheritance and hierarchy in the evaluation of the trustworthiness of the roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust models for users and roles can be integrated into a system that uses cryptographic RBAC schemes.
