Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies

Băsescu, Cristina; Carpen-Amarie, Alexandra; Leordeanu, Catalin; Costan, Alexandru; Antoniu, Gabriel

doi:10.1109/aina.2011.61

Cited by 38 publications

(13 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, some challenges may be more to do with perception than reality [30]. These challenges include: 1) Security threats: A major obstacle to cloud computing is the security threats including tampering or leakage of sensitive data on the cloud, loss of privacy and the unauthorized use of the data by cloud providers [62][63][64][65][66][67]. Hence, a number of security requirements should be satisfied by educational cloud computing systems to protect data from these threats [55,56].…”

Section: Challenges To Cloud Educationmentioning

confidence: 99%

A New Trend for E-Learning in KSA Using Educational Clouds

Alshwaier¹

2012

ACIJ

View full text Add to dashboard Cite

show abstract

Section: Challenges To Cloud Educationmentioning

confidence: 99%

A New Trend for E-Learning in KSA Using Educational Clouds

Alshwaier¹

2012

ACIJ

View full text Add to dashboard Cite

show abstract

“…A Generic Policy Management framework has been designed to define and enforce access decision which proves effective only for specific types of attacks [3].…”

Section: Related Workmentioning

confidence: 99%

A semantic-based access control for ensuring data security in cloud computing

Auxilia

Raja²

2012

2012 International Conference on Radar, Communication and Computing (ICRCC)

View full text Add to dashboard Cite

1 Ensuring data security in cloud is an important research issue.Dataaccess Control isan efficient way for guaranteeing the data security. Data access cannot be controlled safely and efficiently, unless access decision takes semantic relationship among different entities in the access control domain. Accessdecisions made with considering entities in isolation,rather than taking their interrelationships into account may result in security violations. Traditional access control models like MAC, DAC, RBAC fails to consider interrelationships among access control entities. In this paper, we propose a Semantic Based AccessControl model, which considers relationships among the entities in all domains of access control namely Subject(user), Object(Data/resource), Action(select, open, read, write) and so on. We also had shown how to reduce the semantic interrelationships into subsumption problem. This reduction facilitates the propagation of policies in these domains and also enhances time and space complexity of access control mechanisms.

show abstract

“…However, authors have proved their approaches efficiency on SQL-like database structure only. To achieve high-level data access control scheme, [19] proposed a generic security management framework that enables cloud storage providers to define and enforce flexible security policies. This approach firstly defines templates of various attacks and map them into security policies, then based on these policies a security violation detection engine is developed to search for recorded user actions that match the template events defined by the policy.…”

Section: Security Analysis In Software-as-a-servicementioning

confidence: 99%

Software as a service: Understanding security issues

Chouhan

Yao

Sezer

2015

2015 Science and Information Conference (SAI)

View full text Add to dashboard Cite

Software-as-a-service (SaaS) is a type of software service delivery model which encompasses a broad range of business opportunities and challenges. Users and service providers are reluctant to integrate their business into SaaS due to its security concerns while at the same time they are attracted by its benefits. This article highlights SaaS utility and applicability in different environments like cloud computing, mobile cloud computing, software defined networking and Internet of things. It then embarks on the analysis of SaaS security challenges spanning across data security, application security and SaaS deployment security. A detailed review of the existing mainstream solutions to tackle the respective security issues mapping into different SaaS security challenges is presented. Finally, possible solutions or techniques which can be applied in tandem are presented for a secure SaaS platform.

show abstract

Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies

Cited by 38 publications

References 13 publications

A New Trend for E-Learning in KSA Using Educational Clouds

A New Trend for E-Learning in KSA Using Educational Clouds

A semantic-based access control for ensuring data security in cloud computing

Software as a service: Understanding security issues

Contact Info

Product

Resources

About