Abstract
In cloud environment, the traditional risk access control model cannot match rules dynamically and the risk values are insensitive for access requests. This paper proposed a cloud platform dynamic risk access control model (CPDAC) to solve the above problems. Firstly, the attribute-based access control model was improved by introducing the event calculus mechanism, and then the dynamic rule-matching module was constructed in the CPDAC. Secondly, based on programming regression (PR), the risk-evaluation-index weight distribution module was designed, and the risk assessment module with high sensitive value to access requests was constructed. Experimental results show that CPDAC is effective and feasible; in addition, the model is better in real-time and dynamic than other existing models.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Li, H., Min, Z., Feng, D., et al.: Research on access control of big data. Chin. J. Comput. (2017)
Wang, Y., Yang, J., Xu, C.: Survey on access control technologies for cloud computing. J. Softw. 26(5), 1129–1150 (2015)
Ray, I., Ray, I.: Trust-based access control for secure cloud computing. In: Han, K., Choi, B.Y., Song, S. (eds.) High Performance Cloud Auditing and Applications, pp. 189–213. Springer, New York (2014). https://doi.org/10.1007/978-1-4614-3296-8_8
Naghmouchi, M.Y., Perrot, N., Kheir, N.: A new risk assessment framework using graph theory for complex ICT systems. In: Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threat, MIST 2016, pp. 97–100. ACM Press, New York (2016)
Sendi, A.S., Cheriet, M.: Cloud computing: a risk assessment model. In: IEEE International Conference on Cloud Engineering, pp. 147–152. IEEE Press, Piscataway (2014)
Lakshmi, H., Namitha, S., Seemanthini.: Risk based access control in cloud computing. In: International Conference on Green Computing and Internet of Things, pp. 1502–1505. IEEE Press, Piscataway (2015)
Bouchami, A., Goettelmann, E., Perrin, O.: Enhancing access-control with risk-metrics for collaboration on social cloud-platforms, pp. 864–871. IEEE Computer Society (2015)
Chen, A., Xing, H., She, K., et al.: A dynamic risk-based access control model for cloud computing. In: IEEE International Conferences on Big Data and Cloud Computing, pp. 579–584. IEEE Press, Piscataway (2016)
Zhou, L.: Research on Information Security Risk Assessment Model Based on Fuzzy Grey Relational Analysis. Southwest University, Chongqing (2013)
Xiong, J., Qin, H., Li, J., et al.: Method of determining index weight in security risk evaluation based on information entropy. J. Syst. Sci. 82–84 (2013)
Zahoor, E., Perrin, O., Bouchami, A.: CATT: a cloud based authorization framework with trust and temporal aspects. In: International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp. 285–294. IEEE Press, Piscataway (2014)
Fang, K., Wang, D., Wu, G.: A class of constrained regression—programming regression. Mathematica Numerica Sinica 57–69 (1982)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Xie, L., Wei, R., Ning, Y., Yang, H. (2018). Dynamic Risk Access Control Model for Cloud Platform. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11065. Springer, Cham. https://doi.org/10.1007/978-3-030-00012-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-00012-7_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00011-0
Online ISBN: 978-3-030-00012-7
eBook Packages: Computer ScienceComputer Science (R0)