Cloud service access control system based on ontologies

Liu, Chi-Lun

doi:10.1016/j.advengsoft.2013.12.006

Cited by 16 publications

(11 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Unreliable access control policies are identified by policy conflict analysis rules. In any case, the work doesn't utilize the standard ontology tool, which would not be flexible to adopt at all [16].…”

Section: Related Workmentioning

confidence: 99%

Providing Ontology-Based Access Control for Cloud Data by Exploiting Subsumption Property among Domains of Access Control

Michael¹,

Kothandaraman²,

Kaliyan³

2019

IJIES

View full text Add to dashboard Cite

Cloud computing has pulled in numerous business organizations and users because of its simplified administration effort, minimal maintenance cost and pervasive access to out-sourced resources, which can be hardware or software. Users share these resources in large-scale environments over the Internet. Stringent access control must be implemented in a cloud storage system for protecting sensitive information. Access control models in the current literature such as Discretionary Access control (DAC), Mandatory Access Control model (MAC), Role-Based Access Model (RBAC) or Attribute Access Control Model (ABAC) consider the entities of access control in isolation and thus leading to incorrect access control decisions. In this paper, Ontology-Based Access Control is proposed. This proposal uses an ontology to model the entities associated with access control and their interrelationships among them, which could be effortlessly adjusted to Cloud environments. Ontology promises to streamline knowledge sharing among the entities. Subsumption property is exploited over concepts, properties and individuals. The experimental results show that the number of rules to be stored in Policy Base is reduced and reasoning time is also considerably reduced because of applying subsumption property and hence access decision is made faster. Also, our work is compared with the existing works against the state of art models with the help of access control metrics provided by the National Institute of Standards and Technology (NIST). Our work answers the queries related to metric effectively than the existing works. Hence the performance of the system is increased and suitable for securing cloud data.

show abstract

Section: Related Workmentioning

confidence: 99%

Providing Ontology-Based Access Control for Cloud Data by Exploiting Subsumption Property among Domains of Access Control

Michael¹,

Kothandaraman²,

Kaliyan³

2019

IJIES

View full text Add to dashboard Cite

show abstract

“…Roles define both the specific individuals access to resources and the extent to which resources are accessed. Because of its advantages in reducing the complexity of security administration and supporting a review of permissions assigned to users, RBAC has attracted considerable attentions . introduces a cryptographic administrative model AdC‐RBAC for managing and enforcing access policies by using cryptographic techniques to ensure that the administrative tasks are performed only by authorized administrative roles.…”

Section: Related Workmentioning

confidence: 99%

“… introduces a cryptographic administrative model AdC‐RBAC for managing and enforcing access policies by using cryptographic techniques to ensure that the administrative tasks are performed only by authorized administrative roles. extends RBAC to propose the cloud service access control (CSAC) system to automatically support for access control policy analysis and execution in cloud services.…”

Section: Related Workmentioning

confidence: 99%

Consent-based access control for secure and privacy-preserving health information exchange

Zhang

Bacchus

Lin

2016

Security Comm. Networks

View full text Add to dashboard Cite

Electronic health record exchanges are crucial functions of modern healthcare systems. These components are fundamental in providing quality care and enable for a larger spectrum of services. A framework which protects patient information during data exchanges is essential for healthcare systems. To achieve security and privacy‐preservation for information exchange, we propose a consent‐based access control (CBAC) mechanism for healthcare systems. A consent is an authorization initiated by a patient for an intended data requester via an agreement between them. After obtaining the consent from the patient, a healthcare organization can gain access to the data, which is encrypted by a healthcare provider. This is achieved by a cryptographic primitive: conditional proxy re‐encryption. By doing so, patient medical data is protected against access of unauthorized parties, including public data center. Additionally, the proposed scheme achieves collusion resistance. Furthermore, mutual authentication and contextual privacy are attained. Performance evaluation demonstrates that the proposed CBAC scheme can achieve security and privacy preservation with high computational efficiency. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

“…The CSAC system consist of seven module: access deny and grant determine if access is grantable or to be denied, resource used observer checks the resource usage, payment status observer checks the paying bill accounts of user, policy statement used by admin to specify the policies of access control, policy conflicts detector is used to check the inconsistency between policies, conflicts resolver is used to resolve the inconsistency between the policies of access control, and ontologies administration modifies the relationship and concept. Two elements are considered in CSAC system, first one is service level agreement and second is payment status [6]. Payment status is the process of payment stages in the accounting records of cloud service providers.…”

Section: B Csac Modelmentioning

confidence: 99%

“…Payment status is the process of payment stages in the accounting records of cloud service providers. Service level agreement is the commitment between the service provider and consumer which define level of services and control the computing resource usage, therefore Service level agreement is needed to be consider in cloud access control model [6]. The user concept explosion and object concept explosion [6] is calculated using CSAC model and compared with RBAC model.…”

Section: B Csac Modelmentioning

confidence: 99%

A key based security mechanism for payment status in cloud service access control system

Kaur

2015

2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI)

View full text Add to dashboard Cite

Cloud computing is widely accepted dominant paradigm that provides a number of resources and cost effective software services to their clients as they demand such as Software as a Service, Platform as a Service and Infrastructure as a Service. However these services provide a lot of benefits for their clients, but still there is a need of data security against unauthorized access of services (data). Access control is an important aspect of cloud computing to enhance the system security. This paper focus on securing the pay-as-you-go model used by cloud service access model (CSAC) using combination of RSA and AES algorithm to ensure that only authorized user access the services from cloud. It also provides the mechanism to detect the conflicts between policies and inhibits the access due to conflicts in the environment of cloud computing. This paper gives an insight into the enhancement of the security to access the services from cloud by proposed access control model. With this aim, this paper presents a secure access control model which allows legal access of services.

show abstract

Cloud service access control system based on ontologies

Cited by 16 publications

References 15 publications

Providing Ontology-Based Access Control for Cloud Data by Exploiting Subsumption Property among Domains of Access Control

Providing Ontology-Based Access Control for Cloud Data by Exploiting Subsumption Property among Domains of Access Control

Consent-based access control for secure and privacy-preserving health information exchange

A key based security mechanism for payment status in cloud service access control system

Contact Info

Product

Resources

About