An Attribute-Role Based Access Control Mechanism for Multi-tenancy Cloud Environment

Wireless Personal Communications

Abstract

Because of the rapid development of software technology, many enterprises require more high-performance hardware to enhance their competitiveness. Cloud computing is the result of distributed computing and grid computing and is gradually being seen as the future solution for companies. Cloud computing can virtualize existing software and hardware to reduce costs. Thus, enterprises only require high Internet bandwidth and devices to access cloud services on the Internet. This would decrease many overhead costs and reduce IT staff requirements. A cloud environment provider lets many companies rent a cloud service simultaneously in the provider’s cloud; this technology is named multi-tenancy cloud service. However, how to access resources safely is an important topic if users want to adopt multi-tenancy cloud computing technology. The cloud-computing environment is vulnerable to network-related attacks. This research uses the concept of the role-based access control authorization mechanism and combines it with attribute-based access control to determine which tenant a user can access. The enhanced authorization mechanism can improve the safety of cloud computing services and protect the secrecy of data.

Acknowledgments

The authors gratefully acknowledge the support from the Taiwan Information Security Center and the National Science Council, Taiwan, under Grant Number NSC 102-2218-E-011-013.

Author information

Corresponding author

Correspondence to Ming Huang Guo.

About this article

Cite this article

Lo, N.W., Yang, T.C. & Guo, M.H. An Attribute-Role Based Access Control Mechanism for Multi-tenancy Cloud Environment. Wireless Pers Commun 84, 2119–2134 (2015). https://doi.org/10.1007/s11277-015-2515-y

  • DOI: https://doi.org/10.1007/s11277-015-2515-y
