Abstract
Cloud computing is a new technology in open and distributed systems, recently adopted by many IT companies and business organizations. Such systems usually have a large number of users in different domains, each with its own policies, which gives rise to many problems: degradation or loss of information access control, theft or unauthorized use of information, and problems of quality of service, traceability and accountability. Data access using various resources requires user authentication and an access control model for integrated management and control in cloud computing environments. Traditional identity-based access control models are closed and inflexible. In this paper we present an overview of access control models, with a comparative analysis, to identify a suitable model for such environments. We propose an extended Attribute-Based Access Control (ABAC) model that introduces the concept of privacy awareness, to obtain a new, efficient and advanced model that provides more flexibility, privacy and integrity.
© 2016 Springer Science+Business Media Singapore
About this paper
Cite this paper
Ed-Daibouni, M., Lebbat, A., Tallal, S., Medromi, H. (2016). Toward a New Extension of the Access Control Model ABAC for Cloud Computing. In: Sabir, E., Medromi, H., Sadik, M. (eds) Advances in Ubiquitous Networking. UNet 2015. Lecture Notes in Electrical Engineering, vol 366. Springer, Singapore. https://doi.org/10.1007/978-981-287-990-5_7
DOI: https://doi.org/10.1007/978-981-287-990-5_7
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-287-989-9
Online ISBN: 978-981-287-990-5
eBook Packages: Engineering, Engineering (R0)