A SECURE METHOD OF ACCESSING CLOUD RESOURCES
DOI: https://doi.org/10.54939/1859-1043.j.mst.75.2021.141-147
Keywords: Cloud; Behavior; Permissions; Privilege permission; Role.
Abstract
Cloud computing today is popular not only with business customers but also with educational customers. When all the owner's data is put on the cloud, the problem of secure access becomes more urgent than ever. This paper proposes a quantified role-based access control model for the cloud, providing an effective authorization solution and flexible permission adjustment when there are unauthorized accesses. The proposed solution protects against privilege escalation attacks based on the authorization mechanism for each role in each session of each different object. The analysis results are tested by application in the IaaS cloud.