Advertisement

Toward a New Extension of the Access Control Model ABAC for Cloud Computing

  • Maryam Ed-DaibouniEmail author
  • Adil Lebbat
  • Saida Tallal
  • Hicham Medromi
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 366)

Abstract

Cloud computing is the new technology in open and distributed systems, recently adopted by many IT companies and business organizations. In such systems, there are usually a large number of users in different domains having their own policies, which make many problems arise as degradation or loss of information access control, theft or unauthorized use of information, as well as quality of services problems, traceability and accountability. Data access using various resources requires a user authentication, access control model for integrated management and control in cloud computing environments. The traditional access control models that are identity based are closed and inflexible. In this paper we present an overview of access control models with comparative and analysis to retrieve a suitable model for such environment. An extended Attribute based Access Control (ABAC) model is proposed by introducing the concept of privacy aware to retrieve a new efficient advanced model that can provide a more flexible, privacy and integrity model.

Keywords

Cloud computing Security Access control model Privacy aware 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bowen, B.M., Ben Salem, M., Hershkop, S.: Designing host and network sensors to mitigate the insider threat. IEEE Security Privacy Mag. 7(6), 22–29 (2009)CrossRefGoogle Scholar
  2. 2.
    Jung, J.J.: Service chain-based business alliance formation in service-oriented architecture. Expert Syst. Appl. 38(3), 2206–2211 (2011)CrossRefGoogle Scholar
  3. 3.
    Kiyomoto, S., Fukushima, K., Miyake, Y.: Towards secure cloud computing architecture—a solution based on software protection mechanism. J. Internet Serv. Inf. Secur. 1(1), 4–17 (2011)Google Scholar
  4. 4.
    Pieters, W.: Representing humans in system security models: an actor-network approach. J. Wirel. Mobile Netw. Ubiquitous Comput. Depend. Appl. 2(1), 75–92 (2011)Google Scholar
  5. 5.
    Bhaskar, P., Admela, J., Dimitrios, K., Yves, G.: Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach. J. Grid Computing 9(1), 3–26 (2011)CrossRefGoogle Scholar
  6. 6.
    Li, X., He, J.: A user-centric method for data privacy protection in cloud computing. In: 2011 International Conference on Computer, Electrical, and Systems Sciences and Engineering, pp. 355–358 (2011)Google Scholar
  7. 7.
    Faraji, M.S.: Identity and Access Management in Multi-tier Cloud Infrastructure, thesis (2013)Google Scholar
  8. 8.
    Karp, A.H., Haury, H., Davis, M.H.: From ABAC to ZBAC: The Evolution of Access Control Models. HP Laboratories-2009-30Google Scholar
  9. 9.
    Ahn, G.-J., Sandhu, R.: Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3(4), 207–226 (2000)CrossRefGoogle Scholar
  10. 10.
    Bertino, E., Bonatti, P.A., Ferrari, E.: Trbac: a temporal role-based access control model. ACM Trans. Inf. Syst. Secur. 4(3), 191–233 (2001)CrossRefGoogle Scholar
  11. 11.
    Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Trans. Knowl. Data Eng. 17(1), 4–23 (2005)CrossRefGoogle Scholar
  12. 12.
    Li, N., Tripunitara, M.V.: Security analysis in role-based access control. ACM Trans. Inf. Syst. Secur. 9(4), 391–420 (2006)CrossRefGoogle Scholar
  13. 13.
    Kalajainen, T.: An access control model in a semantic data structure: case process modelling of a bleaching line. Department of Computer Science and Engineering (2007)Google Scholar
  14. 14.
    Nabeel Tahir, M.: C-RBAC: Contextual role-based access control model. Ubiquitous Comput. Commun. J. 2(3), 67–74 (2007)Google Scholar
  15. 15.
  16. 16.
  17. 17.
    Stermsek, G., Stremmbeck, M., Neumann, G.: Using Subject- and Object-specific Attrubutes for Access Control in Web-based Knowledge Management SystemGoogle Scholar
  18. 18.
    Ubale, S.A., Apte, S.S.: Comparison of ACL Based Security Models for securing resources for Windows operating system. IJSHRE 2(6), 63Google Scholar
  19. 19.
    Punithasurya, K., Jeba Priya, S.: Analysis of Different Access Control Mechanism in Cloud. International Journal of Applied Information Systems (IJAIS) 4(2) September 2012. ISSN: 2249-0868 Foundation of Computer Science FCS, New York, USAGoogle Scholar

Copyright information

© Springer Science+Business Media Singapore 2016

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (http://creativecommons.org/licenses/by-nc/2.5/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

Authors and Affiliations

  • Maryam Ed-Daibouni
    • 1
    Email author
  • Adil Lebbat
    • 1
  • Saida Tallal
    • 1
  • Hicham Medromi
    • 1
  1. 1.System Architecture TeamENSEM, Hassan II UniversityCasablancaMorocco

Personalised recommendations