Entrustment of Access Control in Public Clouds
Abstract
Cloud computing is an emerging computing standard that enables users to store their data remotely in a cloud and to benefit from services on demand. With the rapid development of cloud computing, more enterprises will outsource their sensitive data to a cloud for sharing. Delegation is the process by which users of an access control model share their access rights; it facilitates the distribution of authority in the model and is also useful in collaborative environments. Delegation may, however, result in privacy violations if it allows data to be accessed without the data provider's consent. Even when consent is obtained, privacy can still be violated if the data is used differently from what the data provider agreed to. Our work investigates data privacy in delegation. Based on this setting, a delegation model is designed that takes privacy policies into account when making delegation decisions and that sets the data usage criteria for the receivers of access rights.
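As an added illustration (not the paper's own model), the following Python sketch shows the two decisions the abstract names: a delegation is granted only if the data provider's privacy policy consents to the recipient and the delegated rights do not exceed the delegator's, and every delegated right carries usage criteria (purposes) that are checked again at access time. The policy structure, class names and the sample subjects are assumptions made for this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PrivacyPolicy:
    """Data provider's consent for one object: who may hold rights, and for what use."""
    allowed_subjects: frozenset
    allowed_purposes: frozenset


@dataclass(frozen=True)
class Right:
    """An access right held by a subject, tagged with the usage criteria it was granted under."""
    purposes: frozenset
    delegatable: bool


class DelegationModel:
    def __init__(self):
        self.policies = {}   # object id -> PrivacyPolicy (set by the data provider)
        self.rights = {}     # (object id, subject) -> Right

    def publish(self, obj, provider, policy):
        """Provider outsources an object with its policy and keeps a full, delegatable right."""
        self.policies[obj] = policy
        self.rights[(obj, provider)] = Right(policy.allowed_purposes, delegatable=True)

    def delegate(self, obj, delegator, delegatee, purposes, redelegable=False):
        """Privacy-aware delegation decision; returns (granted, reason)."""
        held = self.rights.get((obj, delegator))
        policy = self.policies.get(obj)
        purposes = frozenset(purposes)
        if held is None or not held.delegatable:
            return False, "delegator holds no delegatable right"
        if policy is None or delegatee not in policy.allowed_subjects:
            return False, "data provider did not consent to this recipient"
        # Attenuation: the receiver's usage criteria must fit both the delegator's
        # right and the provider's consent (the latter holds by construction, but is re-checked).
        if not purposes <= held.purposes or not purposes <= policy.allowed_purposes:
            return False, "delegated purposes exceed what was agreed"
        self.rights[(obj, delegatee)] = Right(purposes, delegatable=redelegable)
        return True, "granted"

    def may_use(self, obj, subject, purpose):
        """Use-time check: the right must exist and cover the stated purpose."""
        right = self.rights.get((obj, subject))
        return right is not None and purpose in right.purposes
```

A request that passes the delegation check can still be refused at use time if the receiver attempts a purpose outside the criteria attached to the delegated right.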
Article Details

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
IJCERT Policy:
The published work presented in this paper is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. This means that the content of this paper can be shared, copied, and redistributed in any medium or format, as long as the original author is properly attributed. Additionally, any derivative works based on this paper must also be licensed under the same terms. This licensing agreement allows for broad dissemination and use of the work while maintaining the author's rights and recognition.
By submitting this paper to IJCERT, the author(s) agree to these licensing terms and confirm that the work is original and does not infringe on any third-party copyright or intellectual property rights.