scholarly journals Secure Outsourced Medical Data against Unexpected Leakage with Flexible Access Control in a Cloud Storage System

2020 ◽  
Vol 2020 ◽  
pp. 1-20
Author(s):  
Xingguang Zhou ◽  
Jianwei Liu ◽  
Zongyang Zhang ◽  
Qianhong Wu
Keyword(s):  
Access Control ◽  
Medical Records ◽  
Cloud Storage ◽  
Storage System ◽  
Role Based Access Control ◽  
Security Model ◽  
Access Policy ◽  
Fine Grained ◽  
Privacy Leakage ◽  
Role Based

The application of cloud storage system has been deployed widely in recent years. A lot of electronic medical records (EMRs) are collected and uploaded to the cloud for scalable sharing among the authority users. It is necessary to guarantee the confidentiality of EMRs and the privacy of EMR owners. To achieve this target, we summarize a series of attack behaviors in the cloud storage system and present the security model against many types of unexpected privacy leakage. Privacy of unassailed EMRs is guaranteed in this model, and the influence of privacy leakage is controlled in a certain scope. We also propose a role-based access control scheme to achieve flexible access control on these private EMRs. One can access medical records only if his/her role satisfies the defined access policy, which implies a fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.

Improving the Information Security of Collaborative Web Portals via Fine-Grained Role-Based Access Control

2010 ◽  
pp. 430-448
Author(s):  
S. Demurjian ◽  
H. Ren ◽  
S. Berhe ◽  
M. Devineni ◽  
Sushil Vegad ◽  
...  
Keyword(s):  
Access Control ◽  
Full Range ◽  
Coarse Grained ◽  
Role Based Access Control ◽  
Security Model ◽  
Web Portals ◽  
Web Based ◽  
Fine Grained ◽  
Role Based ◽  
The Look

Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s Sharepoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via readonly browsing vs. registered users with full-range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which ushave stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.

scholarly journals Developing Secure Cloud Storage System by Applying AES and RSA Cryptography Algorithms with Role based Access Control Model

2015 ◽  
Vol 118 (12) ◽  
pp. 46-52 ◽  
Author(s):  
Bokefode JayantD. ◽  
Ubale Swapnaja A. ◽  
Pingale Subhash V. ◽  
Karande Kailash J. ◽  
Apate Sulabha S.
Keyword(s):  
Access Control ◽  
Cloud Storage ◽  
Storage System ◽  
Control Model ◽  
Role Based Access Control ◽  
Access Control Model ◽  
Secure Cloud Storage ◽  
Role Based ◽  
Rsa Cryptography

Improving the Information Security of Collaborative Web Portals via Fine-Grained Role-Based Access Control

2013 ◽  
pp. 461-478
Author(s):  
S. Demurjian ◽  
H. Ren ◽  
S. Berhe ◽  
M. Devineni ◽  
Sushil Vegad ◽  
...  
Keyword(s):  
Access Control ◽  
Full Range ◽  
Coarse Grained ◽  
Role Based Access Control ◽  
Security Model ◽  
Web Portals ◽  
Web Based ◽  
Fine Grained ◽  
Role Based ◽  
The Look

Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s Sharepoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via read-only browsing vs. registered users with full-range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which have stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.

scholarly journals Hybrid Role and Attribute Based Access Control Applied in Information Systems

2021 ◽  
Vol 21 (3) ◽  
pp. 85-96
Author(s):  
Maria Penelova
Keyword(s):  
Information Systems ◽  
Access Control ◽  
Accounting Information ◽  
Role Based Access Control ◽  
Accounting Information System ◽  
Fine Grained ◽  
Proposed Model ◽  
Control Scheme ◽  
Attribute Based Access Control ◽  
Role Based

Abstract It this paper it is proposed a new access control model – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easy configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in Laravel package laravelroles/rolespermissions, which is developed by the author of the paper, as an answer to the requirements of practice of fine-grained and easy configurable access control solution. Laravel is chosen, because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that maximum number of programmers could use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in accounting information system.

Sign in / Sign up

Export Citation Format

Share Document