Abstract
Cloud Computing is the fast growing and the dominant field of Information Technology (IT) industry. It proposes on demand and cost effective services such as Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). Many security challenges are drawn from these services in cloud environment such as abuse of cloud services, data security, malicious insider and cyber-attacks. Although various access control policies and models such as Mandatory Access Control (MAC) and Role Based Access Control (RBAC) are existing, but these are not suitable for Cloud access control requirements.
In this paper, we analyze and identify different important gaps of the conventional access control schemes based on the their demerits and cloud access requirements. We also propose a Combinatorial Batch Codes Based Access Control (CBCBAC) model, which fulfill all the cloud access control requirements.
Our approach ensures the secure and efficient sharing of resources among various non-trusted tenants and also has the capacity to support different access permission to the same user for using multiple services securely. We also implement a prototype of our work which depicts the effective access control in the cloud environment.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Saxena, R., Dey, S.: Cloud shield: effective solution for DDoS in cloud. In: Di Fatta, G., Fortino, G., Li, W., Pathan, M., Stahl, F., Guerrieri, A. (eds.) IDCS 2015. LNCS, vol. 9258, pp. 3–10. Springer, Heidelberg (2015). doi:10.1007/978-3-319-23237-9_1
Saxena, R., Ruj, S., Sarma, M., Collaborative model for privacy preservation, data integrity verification in cloud computing. In: Proceedings of the Security and Privacy Symposium, IIT Kanpur, Kanpur, India, February 2013
Ruj, R., Saxena, R.: Securing cloud data. In: Cloud Computing with e-Science Applications, pp. 41–72, January 2015. doi:10.1201/b18021-4
Saxena, R., Dey, S.: Collaborative approach for data integrity verification in cloud computing. In: Martínez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds.) Recent Trends in Computer Networks and Distributed Systems Security. Communications in Computer and Information Science, vol. 420, pp. 1–15. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54525-2_1
Ausanka-Crues, R.: Methods for access control: advances and limitations, Harvey Mudd College 301
LaPadula, L., Bell, D.E., LaPadula, L.J.: Secure computer systems: Mathematical foundations, Draft MTR, The MITRE Corporation 2
Biba, K.J.: Integrity considerations for secure computer systems. Technical report, DTIC Document (1977)
Lampson, B.W.: Protection. SIGOPS Oper. Syst. Rev. 8(1), 18–24 (1974). doi:10.1145/775265.775268
Laurie, B.: Access control (v0. 1) (2009)
Oh, S., Park, S.: Task-role-based access control model. Inf. Syst. 28(6), 533–562 (2003)
Al-Kahtani, M., Sandhu, R., et al.: A model for attribute-based user-role assignment. In.: 2002 18th Annual Proceedings of Computer Security Applications Conference, pp. 353–362. IEEE (2002)
Brucker, A.D., Brügger, L., Kearney, P., Wolff, B.: An approach to modular, testable security models of real-world health-care applications. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, pp. 133–142. ACM (2011)
Wang, W., Han, J., Song, M., Wang, X., The design of a trust, role based access control model in cloud computing. In: 2011 6th International Conference on Pervasive Computing and Applications (ICPCA), pp. 330–334. IEEE (2011)
Tianyi, Z., Weidong, L., Jiaxing, S.: An efficient role based access control system for cloud computing. In: 2011 IEEE 11th International Conference on Computer and Information Technology (CIT), pp. 97–102. IEEE (2011)
Sun, L., Wang, H., Yong, J., Wu, G.: Semantic access control for cloud computing based on e-healthcare. In: 2012 IEEE 16th International Conference on Computer Supported Cooperative Work in Design (CSCWD), pp. 512–518. IEEE (2012)
Tsai, W.-T., Shao, Q.: Role-based access-control using reference ontology in clouds. In: 2011 10th International Symposium on Autonomous Decentralized Systems (ISADS), pp. 121–128. IEEE (2011)
Mon, E.E., Naing, T.T.: The privacy-aware access control system using attribute-and role-based access control in private cloud. In: 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT), pp. 447–451. IEEE (2011)
Stinson, D., Wei, R., Paterson, M.B.: Combinatorial batch codes. Adv. Math. Commun. 3(1), 13–27 (2009)
XenServer, Download xenserver 6.2 @ONLINE (2014). http://xenserver.org/open-source-virtualization-download.html
Cloudera, Cloudera downloads get started with hadoop @ONLINE (2014). http://www.cloudera.com/content/cloudera/en/downloads.html
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Saxena, R., Dey, S. (2016). A Novel Access Control Model for Cloud Computing. In: Li, W., et al. Internet and Distributed Computing Systems. IDCS 2016. Lecture Notes in Computer Science(), vol 9864. Springer, Cham. https://doi.org/10.1007/978-3-319-45940-0_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-45940-0_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45939-4
Online ISBN: 978-3-319-45940-0
eBook Packages: Computer ScienceComputer Science (R0)