Abstract
Access control is one of the key mechanisms for cloud computing security. When it comes to being used in cloud computing environments, RBAC is more scalable and more suitable compared with traditional discretionary and mandatory access control models. A straightforward way is to extend RBAC from traditional fields to cloud computing environments. In this chapter, several extended role-based access control schemes are surveyed from basic extension, A-RBAC, and trust-based RBAC separately. Core techniques of the proposed schemes are detailed. Comparisons around the proposed schemes are analyzed.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mell P. The NIST definition of cloud computing. Int J Eng Technol. 2009;4(5):284.
Feng DG, Zhangetc M. Research on cloud computing security. J Softw. 2011;22(1):71–82. In Chinese.
Meghanathan N. Review of access control models for cloud computing. In: ICCSEA, SPPR, CSIA, WimoA – Computer Science & Information Technology (CS & IT). 2013. p. 77–85.
Ferraiolo D, Kuhn DR. Role-based access control. In: Proceedings of the 15th national computer security conference. 1992. p. 554–63.
Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chadramouli R. Proposed NIST standard for role-based access control. ACM Trans Inform Syst Secur. 2001;4(3):224–74.
Shin ME, Ahn G. UML-based representation of role-based access control. In: IEEE 9th international workshops on enabling technologies: infrastructure for collaborative enterprises (WET ICE’00). 2010. p. 195–200.
Freudenthal E, Pesin T, Port L, Keenan E, Karamcheti V. dRBAC: distributed role-based access control for dynamic coalition environments. In: 22nd IEEE international conference on distributed computing systems (ICDCS’02). 2002. p. 411–20.
Zhu TY, Liu WD, Song JX. An efficient role based access control system for cloud computing. In: 11th IEEE international conference on computer and information technology. 2011. p. 97–102.
Parminder S, Sarpreet S. A new advanced efficient RBAC to enhance the security in cloud computing. Int J Adv Res Comput Sci Softw Eng. 2013;3(6):1136–42.
Parminder S, Sarpreet S. Towards novel and efficient architecture for extended-RBAC in cloud computing. Int J Comput Sci Inform Technol. 2013;4(3):515–8.
Sejong O, Park S. Task-role-based access control model. J Inform Syst. 2003;28(6):533–62.
Bertino E, Bonatti PA, Ferrari E. TRBAC: a temporal role-based access control model. ACM Trans Inform Syst Secur. 2001;4(3):191–233.
Joshi JBD, Bertino E, Latif U, Ghafoor A. A generalized temporal role-based access control model. IEEE Trans Knowl Data Eng. 2005;17(1):4–23.
Bhatti R, Joshi JBD, Bertino E, Ghafoor A. Access control in dynamic XML-based web-services with XRBAC. In: Proceedings of the 1st international conference on web services. 2003. p. 243–9.
Zhou L, Varadharajan V, Hitchens M. Enforcing role-based access control for secure data storage in the cloud. Comput J. 2011;54(10):1–143.
Zhou L, Varadharajan V, Hitchens M. Achieving secure role-based access control on encrypted data in cloud storage. IEEE Trans Inform Forensic Secur. 2013;8(12):1947–60.
Blomqvist K. The many faces of trust. Scand J Manage. 1997;13(3):271–86.
Mayer R, Davis J, Schoorman F. An integrative model of organizational trust: past, present and future. Acad Manage Rev. 1995;20(3):709–34.
Huang J, Nicol D. A formal-semantics-based calculus of trust. IEEE Internet Comput. 2010;14(5):38–46.
Tan ZJ, Tang Z, Renfa L, Ahmed Sallam, Yang L. Research on trust-based access control model in cloud computing. In: IEEE 6th joint international information technology and artificial intelligence conference (ITAIC). 2011. p. 339–44.
Cuppens F, Cuppens-Boulahia N, Mie GE A. Inheritance hierarchies in the Or-BAC model and application in a network environment. In: Second foundations of computer security workshop (FCS’04). 2004. p. 1–10.
Saidi MB, Elkalametc AA. TOrBAC: a trust organization based access control model for cloud computing systems. Int J Soft Comput Eng. 2012;2(4):122–30.
Ullah S, Zheng XF, Zhou F. TCloud: a dynamic framework and policies for access control across multiple domains in cloud computing. Int J Comput Appl. 2013;62(2):1–7.
Tang B, Sandhu R. Cross-tenant trust models in cloud computing. In: ieee 14th international conference on information reuse and integration (IRI). 2013. p. 129–36.
Tang B, Li Q, Sandhu R. A multi-tenant RBAC model for collaborative cloud services. In: 11th annual international conference on privacy, security and trust (PST). 2013. p. 229–38.
Acknowledgments
This paper was funded by the Innovation Program of Shanghai City Board of Education No. 11YZ194 and No. 12YZ146, No. 12YZ147, the founding Program of Shanghai Natural Science No. 11ZR1414300 and 12ZR1411900, and the founding Program of National Natural Science No. 61202020.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Li, H., Wang, S., Tian, X., Wei, W., Sun, C. (2015). A Survey of Extended Role-Based Access Control in Cloud Computing. In: Wong, W. (eds) Proceedings of the 4th International Conference on Computer Engineering and Networks. Lecture Notes in Electrical Engineering, vol 355. Springer, Cham. https://doi.org/10.1007/978-3-319-11104-9_95
Download citation
DOI: https://doi.org/10.1007/978-3-319-11104-9_95
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11103-2
Online ISBN: 978-3-319-11104-9
eBook Packages: EngineeringEngineering (R0)