Enforcing End-to-End Application Security in the Cloud

Bacon, Jean; Evans, David; Eyers, David; Migliavacca, Matteo; Pietzuch, Peter; Shand, Brian

doi:10.1007/978-3-642-16955-7_15

Cited by 31 publications

(16 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Role Based Access Control (RBAC) is a scheme that restricts unauthorized users to access a system. It offers a satisfactory level of safety & security for authorized mHealth users who accessing EHR system resources & medical records through a set of rules & policies put into effect for patients, doctors or any other personnel in the form of login & password [26]. In [27] Yu-Yi Chen et al proposed an EHR sharing and integration system in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs.…”

Section: Secure Cloud Storagementioning

confidence: 99%

A Secured Hybrid Cloud Architecture for mHealth Care

Nagaty

2015

Mobile Health

View full text Add to dashboard Cite

Abstract. This chapter presents a secure mHealth application which is based on hybrid cloud architecture combined with cryptographic techniques to protect data privacy, integrity and security of patients and health care givers and with role based access control to authenticate and authorize cloud users. Hybrid cloud platform combines the advantages of both the private cloud which guarantees privacy and safety of data and the public cloud which provides a platform for reduced services costs. Integrating cryptography and role based access control with hybrid cloud computing ensures the safety of patients' medical records and enables user authentication and authorization for access control. This integrated technology can provide mHealth care the required safety and privacy to flourish.

show abstract

Section: Secure Cloud Storagementioning

confidence: 99%

A Secured Hybrid Cloud Architecture for mHealth Care

Nagaty

2015

Mobile Health

View full text Add to dashboard Cite

show abstract

“…Next to access control, policies have been applied for a large variety of goals in the domain of middleware. Amongst others, Bacon et al [4] employ policies for information flow control in multidomain applications, Wun and Jacobson [25] for managing content-based publish/subscribe middleware and Kumar et al [15] for describing self-management behavior. The common denominator of all this work is that policies are used to separate semantics from enforcement and describe the semantics declaratively.…”

Section: Related Workmentioning

confidence: 99%

Amusa

Decat

Bogaerts

Lagaisse

et al. 2015

Proceedings of the 30th Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

Software-as-a-service (SaaS) has been a growing trend in cloud computing for several years. Moreover, SaaS providers are evolving to application-level multi-tenancy, in which all tenants share the application instances, platform and data store with the aim of maximizing resource sharing. For multi-tenant SaaS applications, access control often is the only application-level security mechanism. However, such access control is inherently complex because both the provider and all tenants should be able to specify their access rules for the application. Moreover, these rules must all be securely combined and correctly enforced in the shared multi-tenant application. To address this challenge, we present the Amusa access control middleware. Amusa enables both the provider and all its tenants to efficiently declare their access rules on the SaaS application. To achieve this, Amusa provides incremental three-layered management based on attribute-based tree-structured policies. Afterwards, Amusa securely combines the access rules of all parties and enforces them at run-time with low performance overhead.

show abstract

“…Secure operation requires that applications [14] and services be capable of supporting a variety of security functionality, such as authentication, authorization, credential conversion, auditing, and delegation. Interaction between services requires having a range of security requirements and mechanisms.…”

Section: Proposed Model For Clloud Security Management 41 Overviewmentioning

confidence: 99%

A Novel Approach for Handling Security in Cloud Computing Services

MohammedAbduljalil¹,

Hegazy²,

Hassanein³

2013

IJCA

View full text Add to dashboard Cite

The rapid advances in cloud computing has introduced a variety of security issues; each requires certain skills and knowledge. While developing business services requires conducting analysis and design for the business activities that does not include common security functions for these services. Currently there is no framework existing from the logical level for securely orchestrating of cloud services in a heterogeneous environment. We are addressing in the paper a clear separation of concerns between the "business logic" and the "security logic" in order for any service implementing the proposed security service to be considered a high level secured service in terms of access and communication in order for it to be widely used and acceptable. A development model is proposed to write secured services without burdening the developer of continuously rewriting security routines.

show abstract

Enforcing End-to-End Application Security in the Cloud

Cited by 31 publications

References 16 publications

A Secured Hybrid Cloud Architecture for mHealth Care

A Secured Hybrid Cloud Architecture for mHealth Care

Amusa

A Novel Approach for Handling Security in Cloud Computing Services

Contact Info

Product

Resources

About