Skip to main content
SpringerLink
Log in
Book cover

Proceedings of the International Conference on IT Convergence and Security 2011 pp 41–50Cite as

Design of Attribute-Based Access Control in Cloud Computing Environment

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 120))

Abstract

Future Internet Groups have been studying networking virtualization and computing virtualization for Testbed. Specially, GENI have adopted cloud computing as computing virtualization technique. But the traditional access control models are closed and inflexible in cloud computing environment. The integration of Attribute Based Access Control (ABAC) model, which makes decisions relying on attributes of requestors, services, resources, and environment, is scalable and flexible and thus is more suitable for distributed, open systems, such as Cloud computing system. This paper presents an Attribute Based Access Control model and the authorization requirements of Cloud computing systems.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Abbreviations

A:

directional orientation of the system

H:

strip thickness with strip thickness and strip thickness strip thickness

References

  1. Lampson BW (1971) Protection. In: Proceedings 5th Princeton conference on information sciences and systems, Princeton, pp 437–443

    Google Scholar 

  2. Bell DE, LaPadula L (1973) Secure computer systems: a mathematical model. Mitre Corporation, Bedford (January)

    Google Scholar 

  3. Sandhu RS, Samaratiy P (1994) Access control: principles and practice. IEEE Commun 32(9):40–48

    Article  Google Scholar 

  4. Foster I, Kesselman C, Tuecke S (2001) The anatomy of the grid: enabling scalable virtual organizations. Int J Supercomput Appl 15(3):200–222

    Article  Google Scholar 

  5. en.wikipedia.org/wiki/Intercloud

    Google Scholar 

  6. Ferraiolo DF, Kuhn DR (1992) Role based access control. 15th National Computer Security conference, October 1992

    Google Scholar 

  7. Blaze M, Feigenbaum J, Ioannidis J (1999) The KeyNote trust-management system version 2, IETF RFC 270

    Google Scholar 

  8. Pimlott A, Kiselyov O (2006) Soutei, a logic-based trust-management system. FLOPS 2006, In: 8th international symposium on functional and logic programming, Fuji-Susono, Japan, April 2006

    Google Scholar 

  9. Damiani E, De Capitani di Vimercati S, Samarati P (2005) New paradigms for access control in open environments. In: Proceedings 5th IEEE international symposium on signal processing and information, Athens, Greece, 18–21 December 2005

    Google Scholar 

  10. Bonatti P, Samarati P (2002) A unified framework for regulating access and information release on the web. J Comput Secur 10(3):241–272

    Google Scholar 

  11. Wang L, Wijesekera D, Jajodia S (2004) A logic-based framework for attribute based access control. In: Proceedings 2004 ACM workshop on formal methods in security engineering, Washington, October 2004

    Google Scholar 

  12. Yuan E, Tong J (2005) Attributed based access control (ABAC) for web services. In: Proceedings IEEE international conference on web services (ICW’05), July 2005

    Google Scholar 

  13. Welch V, Barton T, Keahey K, Siebenlist F (2005) Attributes, anonymity, and access: shibboleth and globus integration to facilitate grid collaboration. In: 4th Annual PKI R&D workshop, April 2005

    Google Scholar 

  14. Barton T, Basney J, Freeman T, Scavo T, Siebenlist F, Welch V, Ananthakrishnan R, Baker B, Goode M, Keahey K (2006) Identity federation and attribute-based authorization through the globus toolkit, Shibboleth, Gridshib, and MyProxy. In: 5th Annual PKI R&D workshop, April 2006

    Google Scholar 

  15. Alfteri R, Cecchini R, Ciaschini V, Dellagnello L, Frohner A, Gianoli A, Lorentey K, Spataro VOMS F (2003) An authorization system for virtual organizations. In: 1st European Across Grids conference, Santiago de Compostela, 13–14 February 2003

    Google Scholar 

  16. http://groups.geni.net/geni/attachment/wiki/ABAC/geni-rbac-req-0.5a.pdf

  17. http://www.microsoft.com/windowsazure/

  18. http://www.protogeni.net/trac/protogeni/wiki/RSpec

  19. Lang B, Foster I, Siebenlist F, Ananthakrishnan R, Freeman T Attributed based access control for grid computing

    Google Scholar 

  20. Karp AH, Haury H, Davis MH (2009) From ABAC to ZBAC: the evolution of access control models. Hewlett-Packard Development Company, L. P., 21 February 2009

    Google Scholar 

Download references

Acknowledgments

This work was supported by the National Research Foundation of Korea Grant funded by the Korean Government [NRF-2009-353-D00048]. This research was supported by the KCC (Korea Communications Commission), Korea, under the R&D program supervised by the KCA (Korea Communications Agency) [KCA-2011-09913-05006].

Author information

Authors and Affiliations

  1. SCENT Center, GIST, 261 Cheomdan-gwagiro (Oryong-dong), Buk-gu, Gwangju, 500-712, South Korea

    ByungRae Cha & JongWon Kim

  2. Department of Information Security, Mokpo National University, Mokpo, 534-729, South Korea

    JaeHyun Seo

Authors
  1. ByungRae Cha
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. JaeHyun Seo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. JongWon Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to ByungRae Cha .

Editor information

Editors and Affiliations

  1. , Convergence Security, Kyoung-gi University, Iui-dong San 94-6, Suwon, Gyeonggi-do, 443-760, Korea, Republic of (South Korea)

    Kuinam J. Kim

  2. , Computer Science, Sungkyunkwan University, Cheonchoen-dong, Jangan-gu 300, Suwon, Gyeonggi-do, 110-745, Korea, Republic of (South Korea)

    Seong Jin Ahn

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer Science+Business Media B.V.

About this paper

Cite this paper

Cha, B., Seo, J., Kim, J. (2012). Design of Attribute-Based Access Control in Cloud Computing Environment. In: Kim, K., Ahn, S. (eds) Proceedings of the International Conference on IT Convergence and Security 2011. Lecture Notes in Electrical Engineering, vol 120. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-2911-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-94-007-2911-7_4

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-2910-0

  • Online ISBN: 978-94-007-2911-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation