Adopting Multi-mode Access Control for Secure Data Sharing in Cloud

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 9530)

Abstract

Cloud data sharing introduces a new challenge to the enforcement of security controls. Existing approaches are inflexible and inefficient when performing access control. In this paper, we propose a multi-mode access control scheme that supports multiple access strategies for data distributed across different areas of the cloud. We also introduce the concept of dynamic attributes into the access policy, so that a user's access privileges are adjusted promptly according to the user's changing characteristics. Specifically, we present an efficient revocation method that uses a confusion token to process the ciphertext at the server. We apply these techniques to design a multi-mode access control system and implement a prototype on the OpenStack platform. Furthermore, we devise a Uniform Access Control Markup Language (UACML) based on XACML, which greatly improves the expressiveness of our multi-mode access control policies. The experimental results show that our scheme has low computational overhead for revocation as well as good flexibility.

Acknowledgments

Firstly, the authors would like to thank the anonymous referees of ICA3PP 2015 for their reviews and suggestions to improve this paper. Secondly, the work is supported by the National High Technology Research and Development Program (863 Program) of China under Grant No. 2013AA013203, and also supported by the National Natural Science Foundation of China under Grant No. 61232004.

Author information

Corresponding author

Correspondence to Chunhua Li.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Li, C., Wei, R., Wu, Z., Zhou, K., Lei, C., Jin, H. (2015). Adopting Multi-mode Access Control for Secure Data Sharing in Cloud. In: Wang, G., Zomaya, A., Martinez, G., Li, K. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2015. Lecture Notes in Computer Science, vol 9530. Springer, Cham. https://doi.org/10.1007/978-3-319-27137-8_39

  • DOI: https://doi.org/10.1007/978-3-319-27137-8_39

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27136-1

  • Online ISBN: 978-3-319-27137-8

  • eBook Packages: Computer Science (R0)
