scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

A Honey Bee behaviour inspired novel Attribute-based access control using enhanced Bell-Lapadula model in cloud computing

01 Feb 2015-pp 1-6
TL;DR: This work aims to come up with a Novel Attribute-Based Access Control for cloud security using Enhanced Bell-Lapadula Model inspired from Honey Bee behaviour to summarize all the access control techniques in cloud environment.
Abstract: Cloud computing is one of the emerging technologies that is being used widely these days. It makes use of the computing resources such as hardware and software that is delivered over the internet and provides remote services with user's data, software and computation. There has been a growing trend to use the cloud for large-scale data storage. This has raised the important security issue of how to control and prevent unauthorized access to data stored in the cloud. There are various access control techniques in cloud environment such as IBAC, RBAC, ABAC, MAC, DAC. Among these techniques, Attribute-Based Access Control (ABAC) is gaining more importance. Here access is granted based on attributes. Our primary objective is to summarize all the access control techniques in cloud environment. Our main objective is to come up with a Novel Attribute-Based Access Control for cloud security using Enhanced Bell-Lapadula Model inspired from Honey Bee behaviour. The Honey Bee prevents the intruders from entering into their hives. This is similar to the access control mechanism in cloud environment. It identifies the bee that belongs to the same hive by the possession of the small barbs on the stings. Similarly, we are trying to restrict the users based on the possession of correct set of attributes by using ABAC technique.
Citations
More filters
Journal ArticleDOI
TL;DR: This work proposes an enhanced Bell–LaPadula model and categorized the peers and transactions in different clearance and security levels and constructed a dynamic access control policies using a smart contracts to provide data security in the network.
Abstract: Access control is a policy in data security that controls access to resources. The current access control mechanisms are facing many problems, due to the interference of the third-party, privacy, and security of data. These problems can be addressed by blockchain, the technology that gained major attention in recent years and has many capabilities. However, in the blockchain network, every peer maintains the same state of the ledger to view the complete history of transactions that leads to scalability issues in the blockchain network. To address the problem of scalability we propose an enhanced Bell–LaPadula model and categorized the peers and transactions in different clearance and security levels. The peers don’t have to maintain the complete history of transactions owing to the clearance level. To provide data security in the network we constructed a dynamic access control policies using a smart contracts. We test our model on a blockchain-based healthcare network. The Hyperledger Fabric tool is used to run a complete infrastructure of healthcare organization while the Hyperledger composer modeling tool is used to implement the smart contracts and to provide dynamic access control functionality on the blockchain network.

31 citations

Journal Article
TL;DR: This paper introduces three information security models based on multilevel security policy Bell-La Padula (BLP) model, Biba model and Clark-Wilson model and emphatically expounds and compares the characteristics of the three models.
Abstract: The core of the multilevel security policy is to divide information into different security level.Information security model will adopt different protection measures according to the security levels.And the policy is widely used in military field and business environ ment.This paper introduces three information security models based on multilevel security policy— Bell-LaPadula(BLP) model,Biba mod el and Clark-Wilson model.It emphatically expounds the characteristics of the three models.And comparisons among them are given.

4 citations

Journal ArticleDOI
TL;DR: An Enterprise Management Structure (EMS) model for information flow data leakage probability estimation is proposed and it is concluded that its results meet expert evaluation tendencies and correlate with Bell-LaPadula confidentiality model.
Abstract: Modern organizations strongly rely on various forms of data, ranging from communication technologies to bookkeeping and manufacturing. It is a crucial asset of any enterprise, requiring special att...

4 citations

Proceedings ArticleDOI
Gang Liu1, Guofang Zhang1, Runnan Zhang1, Juan Cui1, Quan Wang1, Shaomin Ji1 
01 May 2017
TL;DR: An improved Bell-LaPadula model combining with obligation mechanism is proposed and response mechanism is also introduced in the improved model which can resolve the disadvantage of response blind area.
Abstract: Bell-LaPadula model is the most classical multilevel security access control model, however, the existence of the response blind area in Bell-LaPadula model is a great threat for system. In this paper we propose an improved Bell-LaPadula model combining with obligation mechanism. Response mechanism is also introduced in the improved model which can resolve the disadvantage of response blind area. Furthermore, the security of the improved model and covert channel is analyzed in detail.

3 citations

References
More filters
ReportDOI
28 Sep 2011
TL;DR: This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Abstract: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

15,145 citations


"A Honey Bee behaviour inspired nove..." refers background in this paper

  • ...Our primary objective is to summarize all the access control techniques in cloud environment....

    [...]

Proceedings ArticleDOI
30 Oct 2006
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Abstract: As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data, is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumesHierarchical Identity-Based Encryption (HIBE).

4,257 citations


"A Honey Bee behaviour inspired nove..." refers background in this paper

  • ...This gives rise to the need for a term called “cloud computing”....

    [...]

Book
01 Jan 2003
TL;DR: This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers the very latest details on this sophisticated security model aimed at reducing the cost and complexity of security administration for large networked applications.
Abstract: This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition provides more comprehensive and updated coverage of access control models, new Rbac standards, new in-depth case studies and discussions on role engineering and the design of role-based systems. The book shows you how Rbac simplifies security administration by using roles, hierarchies, and constraints to manage the review and control of organizational privileges. Moreover, it explains how Rbac makes it possible to specify many types of enterprise security policies. This unique resource covers all facets of Rbac, from its solid model-theoretic foundations to its implementation within commercial products. You learn how to use Rbac to emulate other access control models and find frameworks and tools for administering Rbac. Research prototypes that have incorporated Rbac into various classes of software like Wfms, Web server, Os (Unix) and Java (Jee) are reviewed. Products implementing Rbac features such as relational Dbms and Enterprise Security Administration (Esa) systems are described to serve as a guide to the state of practice of Rbac.

2,108 citations


"A Honey Bee behaviour inspired nove..." refers background in this paper

  • ...KEYWORDS: Attribute Based Access Control,BellLapadula Model, Cloud security....

    [...]

Book
01 Dec 2002

1,248 citations


"A Honey Bee behaviour inspired nove..." refers background in this paper

  • ...KEYWORDS: Attribute Based Access Control,BellLapadula Model, Cloud security....

    [...]

Journal ArticleDOI
01 May 2013
TL;DR: An algorithm named honey bee behavior inspired load balancing (HBB-LB) is proposed, which aims to achieve well balanced load across virtual machines for maximizing the throughput and compared with existing load balancing and scheduling algorithms.
Abstract: Scheduling of tasks in cloud computing is an NP-hard optimization problem. Load balancing of non-preemptive independent tasks on virtual machines (VMs) is an important aspect of task scheduling in clouds. Whenever certain VMs are overloaded and remaining VMs are under loaded with tasks for processing, the load has to be balanced to achieve optimal machine utilization. In this paper, we propose an algorithm named honey bee behavior inspired load balancing (HBB-LB), which aims to achieve well balanced load across virtual machines for maximizing the throughput. The proposed algorithm also balances the priorities of tasks on the machines in such a way that the amount of waiting time of the tasks in the queue is minimal. We have compared the proposed algorithm with existing load balancing and scheduling algorithms. The experimental results show that the algorithm is effective when compared with existing algorithms. Our approach illustrates that there is a significant improvement in average execution time and reduction in waiting time of tasks on queue.

597 citations


"A Honey Bee behaviour inspired nove..." refers background in this paper

  • ...Those users who possess correct labels will only be provided access and others will be restricted to proceed with thereby ensuring the security of the data....

    [...]