Intercrossed Access Controls for Secure Financial Services on Multimedia Big Data in Cloud Systems

The dramatically growing demand of Cyber Physical and Social Computing (CPSC) has enabled a variety of novel channels to reach services in the financial industry. Combining cloud systems with multimedia big data is a novel approach for Financial Service Institutions (FSIs) to diversify service offerings in an efficient manner. However, the security issue is still a great issue in which the service availability often conflicts with the security constraints when the service media channels are varied. This paper focuses on this problem and proposes a novel approach using the Semantic-Based Access Control (SBAC) techniques for acquiring secure financial services on multimedia big data in cloud computing. The proposed approach is entitled IntercroSsed Secure Big Multimedia Model (2SBM), which is designed to secure accesses between various media through the multiple cloud platforms. The main algorithms supporting the proposed model include the Ontology-Based Access Recognition (OBAR) Algorithm and the Semantic Information Matching (SIM) Algorithm. We implement an experimental evaluation to prove the correctness and adoptability of our proposed scheme.

[1]  João H. Kleinschmidt,et al.  Mitigating On-Off Attacks in the Internet of Things Using a Distributed Trust Management Scheme , 2015, Int. J. Distributed Sens. Networks.

[2]  Eric Torng,et al.  Compressing Network Access Control Lists , 2011, IEEE Transactions on Parallel and Distributed Systems.

[3]  ALESSANDRA TONINELLI,et al.  Enabling secure service discovery in mobile healthcare enterprise networks , 2009, IEEE Wireless Communications.

[4]  Hung-Min Sun,et al.  oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks , 2012, IEEE Transactions on Information Forensics and Security.

[5]  P. Ifinedo An Exploratory Study of the Relationships between Selected Contextual Factors and Information Security Concerns in Global Financial Services Institutions , 2011 .

[6]  Angelos D. Keromytis,et al.  Dynamic Trust Management , 2009, Computer.

[7]  Keke Gai,et al.  Intrusion detection techniques for mobile cloud computing in heterogeneous 5G , 2016, Secur. Commun. Networks.

[8]  Gail-Joon Ahn,et al.  Multiparty Access Control for Online Social Networks: Model and Mechanisms , 2013, IEEE Transactions on Knowledge and Data Engineering.

[9]  Keke Gai,et al.  Proactive user-centric secure data scheme using attribute-based semantic access controls for mobile clouds in financial industry , 2018, Future Gener. Comput. Syst..

[10]  Meikang Qiu,et al.  Cost minimization while satisfying hard/soft timing constraints for heterogeneous embedded systems , 2009, TODE.

[11]  Indrakshi Ray Applying semantic knowledge to real-time update of access control policies , 2005, IEEE Transactions on Knowledge and Data Engineering.

[12]  A. Muthukumaravel,et al.  Ensuring Distributed Accountability for Data Sharing in Cloud , 2014 .

[13]  Walid G. Aref,et al.  Accuracy-Constrained Privacy-Preserving Access Control Mechanism for Relational Data , 2014, IEEE Transactions on Knowledge and Data Engineering.

[14]  Samir Tata,et al.  The Integration of Corporate Security Strategies in Collaborative Business Processes , 2011, IEEE Transactions on Services Computing.

[15]  Óscar Corcho,et al.  A Semantically Enhanced UPnP Control Point for Sharing Multimedia Content , 2011, IEEE Internet Computing.

[16]  R. Yamini,et al.  Captcha as Graphical Passwords—a New Security Primitive Based on Hard AI Problems , 2015 .

[17]  Keke Gai,et al.  A Reusable Software Component for Integrated Syntax and Semantic Validation for Services Computing , 2015, 2015 IEEE Symposium on Service-Oriented System Engineering.

[18]  Jinjun Chen,et al.  KASR: A Keyword-Aware Service Recommendation Method on MapReduce for Big Data Applications , 2014, IEEE Transactions on Parallel and Distributed Systems.

[19]  Princely Ifinedo,et al.  The effects of national culture on the assessment of information security threats and controls in financial services industry , 2014, Int. J. Electron. Bus. Manag..

[20]  Meikang Qiu,et al.  Privacy Protection for Preventing Data Over-Collection in Smart City , 2016, IEEE Transactions on Computers.

[21]  Martin Gogolla,et al.  Analyzing and Managing Role-Based Access Control Policies , 2008, IEEE Transactions on Knowledge and Data Engineering.

[22]  Puneet Gupta,et al.  Abductive Analysis of Administrative Policies in Rule-Based Access Control , 2014, IEEE Transactions on Dependable and Secure Computing.

[23]  Alexander Fay,et al.  Software Support for Building Automation Requirements Engineering—An Application of Semantic Web Technologies in Automation , 2011, IEEE Transactions on Industrial Informatics.

[24]  Hua Wang,et al.  Semantic access control for cloud computing based on e-Healthcare , 2012, Proceedings of the 2012 IEEE 16th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[25]  Steve Barker,et al.  Access Control with Privacy Enhancements a Unified Approach , 2012, IEEE Transactions on Dependable and Secure Computing.

[26]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[27]  Liang-Chu Chen,et al.  Comprehensive Security Integrated Model and Ontology within Cloud Computing , 2013 .

[28]  James A. Thom,et al.  Authorization Control for a Semantic Data Repository through an Inference Policy Engine , 2013, IEEE Transactions on Dependable and Secure Computing.

[29]  Min Chen,et al.  Energy Efficient Security Algorithm for Power Grid Wide Area Monitoring System , 2011, IEEE Transactions on Smart Grid.

[30]  Jinjun Chen,et al.  HireSome-II: Towards Privacy-Aware Cross-Cloud Service Composition for Big Data Applications , 2015, IEEE Transactions on Parallel and Distributed Systems.

[31]  Keke Gai,et al.  Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing , 2016, J. Netw. Comput. Appl..

[32]  Keke Gai,et al.  Proactive Attribute-based Secure Data Schema for Mobile Cloud in Financial Industry , 2015, 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems.

[33]  Yu-Ting Pai,et al.  Sub-Trees Modification of Huffman Coding for Stuffing Bits Reduction and Efficient NRZI Data Transmission , 2012, IEEE Transactions on Broadcasting.

[34]  Keke Gai,et al.  Towards Cloud Computing: A Literature Review on Cloud Computing and Its Development Trends , 2012, 2012 Fourth International Conference on Multimedia Information Networking and Security.

[35]  Christophe Champod,et al.  Vulnerabilities of fingerprint reader to fake fingerprints attacks. , 2011, Forensic science international.

[36]  Keke Gai,et al.  Phase-Change Memory Optimization for Green Cloud with Genetic Algorithm , 2015, IEEE Transactions on Computers.

[37]  Andrés Marín López,et al.  Enhancing privacy and dynamic federation in IdM for consumer cloud computing , 2012, IEEE Transactions on Consumer Electronics.