scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

An algebra for composing access control policies in cloud

TL;DR: An algebra for the composition of a Role-based access control policy, where the privileges are given to the individuals based on their roles within an organization is proposed.
Abstract: The Multi-tenancy nature of the cloud is prone to several data leakage, threats and malicious attacks. The access control techniques are the major ways through which these threats can be exterminated. The firewalls and the current access control techniques were not efficient in meeting the challenges faced by the cloud environment. The access control policy composition is a substantial requirement of cloud environment. In this paper, we propose an algebra for the composition of a Role-based access control policy. Generally in a role based access control, the privileges are given to the individuals based on their roles within an organization. The traditional and some new algebraic operators were used and their semantics are redefined to suit the cloud environments.
Citations
More filters
Journal ArticleDOI
Gang Liu1, Pei Wenxian1, Yumin Tian1, Chen Liu1, Shancang Li2 
TL;DR: A new conflict detection method is proposed in which implicit conflicting rules are converted to explicit conflicting rules by completing the absent attribute expressions and then compare all the rules in pairs to detect all the probable conflicting rules in a rule set.

8 citations

Proceedings ArticleDOI
01 May 2018
TL;DR: This survey determines in various ways that role policy access using cloud has its own advantages and disadvantages.
Abstract: Cloud Computing is a technology that consists of an internal server and a common server which is used to store data in it in such a way that it can be accessed universally. Big data is a collection of a large data set or data modules. Various studies have been made where the successful integration of cloud and big data have been performed. The advantage of linking big data with cloud is that the data availability becomes global and could be accessed easily. This opens the data up for vandalism and could be easily manipulated. To ensure proper data integrity, different encryption techniques could be used to provide security to the data. Role-Based policy access is an access policy, which provides access to the end users based upon their attributes, which are used to supposedly authenticate the user. It gives the end user the privileges like file access, file modification and updating. This survey determines in various ways that role policy access using cloud has its own advantages and disadvantages.

1 citations

References
More filters
Proceedings ArticleDOI
21 Mar 2012
TL;DR: What makes all this possible, what is the architectural design of cloud computing and its applications, and how can customers do not have to pay for infrastructure, its installation, required man power to handle such infrastructure and maintenance are discussed.
Abstract: With the advent internet in the 1990s to the present day facilities of ubiquitous computing, the internet has changed the computing world in a drastic way. It has traveled from the concept of parallel computing to distributed computing to grid computing and recently to cloud computing. Although the idea of cloud computing has been around for quite some time, it is an emerging field of computer science. Cloud computing can be defined as a computing environment where computing needs by one party can be outsourced to another party and when need be arise to use the computing power or resources like database or emails, they can access them via internet. Cloud computing is a recent trend in IT that moves computing and data away from desktop and portable PCs into large data centers. The main advantage of cloud computing is that customers do not have to pay for infrastructure, its installation, required man power to handle such infrastructure and maintenance. In this paper we will discuss what makes all this possible, what is the architectural design of cloud computing and its applications.

564 citations


"An algebra for composing access con..." refers background in this paper

  • ...Cloud computing is generally a distributed computing over a network, where the application program is made run on the set of clients systems at the same time [1]....

    [...]

Proceedings ArticleDOI
17 Jun 2008
TL;DR: Multiple-replica provable data possession (MR-PDP) is introduced, a provably-secure scheme that allows a client that stores replicas of a file in a storage system to verify through a challenge-response protocol that each unique replica can be produced at the time of the challenge.
Abstract: Many storage systems rely on replication to increase the availability and durability of data on untrusted storage systems. At present, such storage systems provide no strong evidence that multiple copies of the data are actually stored. Storage servers can collude to make it look like they are storing many copies of the data, whereas in reality they only store a single copy. We address this shortcoming through multiple-replica provable data possession (MR-PDP): A provably-secure scheme that allows a client that stores t replicas of a file in a storage system to verify through a challenge-response protocol that (1) each unique replica can be produced at the time of the challenge and that (2) the storage system uses t times the storage required to store a single replica. MR-PDP extends previous work on data possession proofs for a single copy of a file in a client/server storage system (Ateniese et al., 2007). Using MR-PDP to store t replicas is computationally much more efficient than using a single-replica PDP scheme to store t separate, unrelated files (e.g., by encrypting each file separately prior to storing it). Another advantage of MR-PDP is that it can generate further replicas on demand, at little expense, when some of the existing replicas fail.

497 citations

Proceedings Article
01 Dec 2011
TL;DR: This study aims to identify the most vulnerable security threats in cloud computing, which will enable both end users and vendors to know about the key security threats associated with cloud computing.
Abstract: Cloud computing is set of resources and services offered through the Internet. Cloud services are delivered from data centers located throughout the world. Cloud computing facilitates its consumers by providing virtual resources via internet. General example of cloud services is Google apps, provided by Google and Microsoft SharePoint. The rapid growth in field of “cloud computing” also increases severe security concerns. Security has remained a constant issue for Open Systems and internet, when we are talking about security cloud really suffers. Lack of security is the only hurdle in wide adoption of cloud computing. Cloud computing is surrounded by many security issues like securing data, and examining the utilization of cloud by the cloud computing vendors. The wide acceptance www has raised security risks along with the uncountable benefits, so is the case with cloud computing. The boom in cloud computing has brought lots of security challenges for the consumers and service providers. How the end users of cloud computing know that their information is not having any availability and security issues? Every one poses, Is their information secure? This study aims to identify the most vulnerable security threats in cloud computing, which will enable both end users and vendors to know about the key security threats associated with cloud computing. Our work will enable researchers and security professionals to know about users and vendors concerns and critical analysis about the different security models and tools proposed.

280 citations


"An algebra for composing access con..." refers background in this paper

  • ...It is used to restrict the scope of an applied policy within a specified set of costraints....

    [...]

Journal ArticleDOI
TL;DR: This paper designs an efficient PPDP protocol based on the bilinear pairing technique that is provable secure and efficient in public clouds when the client cannot perform the remote data possession checking.
Abstract: Recently, cloud computing rapidly expands as an alternative to conventional computing due to it can provide a flexible, dynamic and resilient infrastructure for both academic and business environments. In public cloud environment, the client moves its data to public cloud server (PCS) and cannot control its remote data. Thus, information security is an important problem in public cloud storage, such as data confidentiality, integrity, and availability. In some cases, the client has no ability to check its remote data possession, such as the client is in prison because of committing crime, on the ocean-going vessel, in the battlefield because of the war, and so on. It has to delegate the remote data possession checking task to some proxy. In this paper, we study proxy provable data possession (PPDP). In public clouds, PPDP is a matter of crucial importance when the client cannot perform the remote data possession checking. We study the PPDP system model, the security model, and the design method. Based on the bilinear pairing technique, we design an efficient PPDP protocol. Through security analysis and performance analysis, our protocol is provable secure and efficient.

238 citations


"An algebra for composing access con..." refers background in this paper

  • ...It is used to restrict the scope of an applied policy within a specified set of costraints....

    [...]

Proceedings ArticleDOI
21 Apr 2012
TL;DR: This paper introduces some cloud computing systems and analyzes cloud computing security problem and its strategy according to the cloud computing concepts and characters.
Abstract: The cloud computing is a new computing model which comes from grid computing, distributed computing, parallel computing, virtualization technology, utility computing and other computer technologies and it has more advantage characters such as large scale computation and data storage, virtualization, high expansibility, high reliability and low price service. The security problem of cloud computing is very important and it can prevent the rapid development of cloud computing. This paper introduces some cloud computing systems and analyzes cloud computing security problem and its strategy according to the cloud computing concepts and characters. The data privacy and service availability in cloud computing are the key security problem. Single security method cannot solve the cloud computing security problem and many traditional and new technologies and strategies must be used together for protecting the total cloud computing system.

182 citations


"An algebra for composing access con..." refers background in this paper

  • ...It is used to restrict the scope of an applied policy within a specified set of costraints....

    [...]