scholarly journals A Comprehensive Survey and Analysis on Access Control Schemes in Cloud Environment

2016 ◽  
Vol 16 (1) ◽  
pp. 19-38 ◽  
Author(s):  
P. G. Shynu ◽  
K. John Singh
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Security Requirements ◽  
Future Research ◽  
Cloud Environment ◽  
Access Control Models ◽  
Control Models ◽  
Outsourced Data ◽  
Comprehensive Survey ◽  
Cloud Technologies

Abstract Cloud computing has emerged as the most dominant computational paradigm in recent times. There are tremendous benefits for enterprises adopting cloud technologies. It provides resources and services on demand, pay-as-you go basis. This includes infrastructure, platform and software services. But there are still a number of security threats and challenges associated with utilizing cloud computing. A proper access control is the fundamental security requirement in any cloud environment, to avoid unauthorized access to the cloud systems. As cloud computing supports multi-tenancy and has a various categories of users with different sets of security requirements, traditional access control models and policies cannot be used. This paper discusses on various access control models used for cloud environment and presents a detailed requirement analysis for developing an access control, specifically for the cloud. A comprehensive study on various security problems associated with outsourced data on the cloud and their existing solutions are also described, with the future research directions.

Access Control Framework for Cloud Computing

2019 ◽  
pp. 698-711
Author(s):  
Kashif Munir ◽  
Lawan A. Mohammed
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Role Based Access Control ◽  
Discretionary Access Control ◽  
Job Functions ◽  
Access Control Models ◽  
Control Models ◽  
Control Framework ◽  
Role Based ◽  
Access Privileges

Access control is generally a rule or procedure that allows, denies, restricts or limit access to system's resources. It may, as well, monitor and record all attempts made to access a system. Access Control may also identify users attempting to access unauthorized resources. It is a mechanism which is very much important for protection in computer security. Various access control models are in use, including the most common Mandatory Access Control (MAC), Discretionary Access Control (DAC) and Role Based Access Control (RBAC). All these models are known as identity based access control models. In all these access control models, user (subjects) and resources (objects) are identified by unique names. Identification may be done directly or through roles assigned to the subjects. These access control methods are effective in unchangeable distributed system, where there are only a set of Users with a known set of services. For this reason, we propose a framework which is well suited to many situations in cloud computing where users or applications can be clearly separated according to their job functions. In this chapter, we proposes a role based access control framework with various features including security of sensitive data, authorization policy and secure data from hackers. Our proposed role based access control algorithm provides tailored and fine level of user access control services without adding complexity, and supports access privileges updates dynamically when a user's role is added or updated.

Access Control Framework for Cloud Computing

2015 ◽  
pp. 314-325
Author(s):  
Kashif Munir ◽  
Lawan A. Mohammed
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Role Based Access Control ◽  
Discretionary Access Control ◽  
Job Functions ◽  
Access Control Models ◽  
Control Models ◽  
Control Framework ◽  
Role Based ◽  
Access Privileges

Access control is generally a rule or procedure that allows, denies, restricts or limit access to system's resources. It may, as well, monitor and record all attempts made to access a system. Access Control may also identify users attempting to access unauthorized resources. It is a mechanism which is very much important for protection in computer security. Various access control models are in use, including the most common Mandatory Access Control (MAC), Discretionary Access Control (DAC) and Role Based Access Control (RBAC). All these models are known as identity based access control models. In all these access control models, user (subjects) and resources (objects) are identified by unique names. Identification may be done directly or through roles assigned to the subjects. These access control methods are effective in unchangeable distributed system, where there are only a set of Users with a known set of services. For this reason, we propose a framework which is well suited to many situations in cloud computing where users or applications can be clearly separated according to their job functions. In this chapter, we proposes a role based access control framework with various features including security of sensitive data, authorization policy and secure data from hackers. Our proposed role based access control algorithm provides tailored and fine level of user access control services without adding complexity, and supports access privileges updates dynamically when a user's role is added or updated.

Survey of access control models and technologies for cloud computing

2018 ◽  
Vol 22 (S3) ◽  
pp. 6111-6122 ◽  
Author(s):  
Fangbo Cai ◽  
Nafei Zhu ◽  
Jingsha He ◽  
Pengyu Mu ◽  
Wenxin Li ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Access Control Models ◽  
Control Models

scholarly journals Role-Attribute-Based Encryption (RABE) Access Control for Healthcare Cloud Systems

2016 ◽  
Vol 15 (8) ◽  
pp. 6999-7007
Author(s):  
Paolina Centonze
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Personal Health Records ◽  
Cloud Services ◽  
Personal Health ◽  
Health Records ◽  
Cloud Systems ◽  
Access Control Models ◽  
Control Models ◽  
Attribute Based Encryption

In the medical industry, it is critical to ensure the confidentiality of patients’ personal health records when storing and managing them. Before cloud computing surfaced, heath providers used local servers and hard drives to store their records and data. As cloud computing has been becoming more prominent many healthcare providers are using the cloud to store and manage their sensitive data. This journal compares and investigates two different access control models, in particular Role-Based Access Control and Attribute-Based Access Control, to validate the confidentiality of data when storing and managing personal health records on cloud services. The comparative analysis of these access control models is done to identify possible inefficiency and privacy restrictions in these two access control based models. In addition, in this journal we propose a new access control model, which we refer to as Role-Attribute-Based-Encryption Access Control (RABE), by combining some of the best aspects of both RBAC and ABAC in order to improve data privacy on cloud systems used in healthcare.

Sign in / Sign up

Export Citation Format

Share Document