Access Control Framework of Personal Cloud based on XACML
1 Jun-Young Park, 2 Young-Rok Shin, 3 Kyoung-Hun Kim, 4 Eui-Nam Huh
1 First Author, 2 Kyung Hee University, {parkhans, shinyr}@khu.ac.kr
3 Gangdong College, iioii.net@gmail.com
*4 Corresponding Author, Kyung Hee University, johnhuh@khu.ac.kr

Abstract

Collaboration services have been receiving a great deal of attention for personal users in cloud computing. However, collaboration services have a lot of problems in terms of privacy and security. When a user accesses a cloud computing service, the cloud service provider can easily obtain and collect personal information without permission from the user. Therefore, to solve this problem, we define the requirements of personal cloud Access Control (AC) and propose an AC framework based on the personal cloud service reference model.

Keywords: Personal Cloud Security, Cloud Access Control

1. Introduction

Currently, many personal cloud services are provided by global IT companies, and cloud computing services have garnered a great deal of attention from personal users. Personal users have been increasingly utilizing cloud services, and problems related to user privacy have increased accordingly. Cloud service providers offer convenient services to individual users; however, they can also easily obtain and collect personal information without permission from users. Therefore, we need privacy protection in cloud computing services and security frameworks that conceal user information from cloud service providers.

The personal cloud is a popular concept these days. It describes a user-centric service model of cloud computing with which a user is able to access their personal contents and services anytime, anywhere and with any device [1, 2, 5]. The Personal Cloud can be divided into three categories: Online Storage, WebTop, and Web-based Applications [1].
Each of these frees up resources, either in terms of processing power, as in the case of Web-based applications, or in the case of an Internet-based desktop (known as WebTop), where any computer with an Internet connection can become our personal computer via a Web browser.

• Online Storage gives users a reliable and secure place to store user data such as documents, MP3s, or movies. The user is able to access their personal storage wherever there is an Internet connection, using whatever device the user has.
• Web-Based Applications such as Google Docs are another very recent advance in personal cloud computing. Hosted software applications do not have to be downloaded and installed on the user's computer or mobile devices.
• WebTop service is slightly different from the two mentioned above, as its goal is to recreate the highly personalized setting of the user's own desktop with an online version that can be accessed anywhere with an Internet connection. For example, when the user is away from her desk, WebTop allows access to the information that was formerly found only on the desktop of the user's own computer, such as contacts, , and files, through a personalized and familiar desktop with synchronization tools.

The Personal Cloud must provide integrated storage and management services, because the Personalized Content Service is distributed and managed through each device and web service. The personalized content service provides an environment for the storage/operation/management of downloaded public contents (e.g. movies, music, dramas, etc.) and management tools and personalized retrieval. The Privacy Service needs to protect personal information that is shared in order to provide services based on individual personal information. It is possible to protect personal information and user personal data (videos, pictures, files, etc.) among users, service providers, and a data auditor through double encryption, even if data leakage and loss occurs [2].

International Journal of Advancements in Computing Technology (IJACT), Volume 5, Number 13, September

In this paper, Section 2 gives an overview of the related existing AC methods. Section 3 defines the requirements and proposes a personal cloud AC framework and use-case. Section 4 analyzes the proposed framework through a comparison with distributed access control. Section 5 concludes the paper.

2. Related Access Control Methods

Several researchers have previously addressed the access control issues of cloud computing [9-10]. Personal Cloud AC employs XACML and RBAC based on the Personal Cloud reference model. Also, we need to look into the Distributed Access Control Architecture (DACA) for a performance evaluation.

2.1 XACML

The eXtensible Access Control Markup Language (XACML) defines the syntax for a policy language and the semantics for processing those policies. There is also a request and response format to query the policy system, and semantics for determining the applicability of the policies to requests [4].

2.2 Role-Based Access Control (RBAC) [3]

The authors of [3] presented Role-Based Access Control (RBAC), in which roles are created by the system administrator to represent specific task competencies that determine the resource types and what each role can access. Individual users are assigned to certain roles according to their job functions. Each role is associated with a set of permissions. A many-to-many mapping exists between the users and roles and between roles and permissions.

2.3 A Distributed Access Control Architecture (DACA) for Cloud Computing

The distributed access control architecture for multitenant and virtualized environments is based on principles from security management and software engineering. As shown in Figure 2, this architecture consists of an Access Control Module (ACM, Figure 1), a Virtual Resource Manager (VRM), and a Service-Level Agreement (SLA, Figure 1) [6]. They adopted an XML-based specification due to its compatibility with the emerging standards for cloud systems and security protocols, with the ultimate goal being that the proposed architecture should be interoperable with complementary security protocols for cloud systems [7].

Figure 2. DAC Architecture
Figure 1. AC Module and SLA Module
3. Personal Cloud Access Control

3.1 Requirements of Personal Cloud AC

We define the following requirements of Personal Cloud access control, which a generic AC model for collaborative environments should support:

• Compatibility with Previous Security Policy: Access control of personal cloud services must be compatible with the security policies of existing services, web services, or cloud services, rather than creating individual service-based security policies.
• Establish an Individual Security Policy: Personal cloud service is managed independently by Cloud Service Providers (CSPs). In this sense, each CSP should establish an individual security policy to manage them.
• Cloud Service Collaboration and Inter-Cloud: A user and service should be certified automatically in corresponding services for cloud service collaboration and inter-cloud by the AC model.
• User Privacy Guarantee: The access control model should be able to protect against any violations of privacy in the personal cloud. A CSP manager can violate user privacy, so the model should support protecting user privacy from the CSP by using a temporary ID.
• 3rd-Party Auditor: The access control model needs a trusted 3rd-party auditor for verification and compliance regarding the collaboration service.
• Access Control based SLA: All of the service providers should ensure an SLA for the QoS based on established access control policies.

3.2 Personal Cloud AC Framework

This framework employs well-known access control schemes such as RBAC, XACML, etc. In this sense, our proposed framework can be adopted by other existing access control systems. Figure 3 shows the Personal Cloud AC framework, and the descriptions are as follows:

Figure 3. Personal Cloud AC Framework

• User (Client) requests service access to the CoSP using their own device with personal information.
• Collaboration Service Provider (CoSP) provides user authentication by the 3rd-party SP.
  - Policy Enforcement Point (PEP): With the service access request, the PEP verifies credentials from the 3rd-party SP regarding user authentication in accordance with the user's service information. Then the credential verification publishes an access token based on the service information and authority.
• The Cloud Service Provider (CSP) is composed of PDP, PIP, and PAP, which are described as follows, and it is able to generate, determine, store and delete the security policy.
  - Policy Decision Point (PDP) requests the access policy and user role information in order to verify authority. The permission check module compares the access control list, user role and access policy, and then decides permission.
  - Policy Information Point (PIP) stores the security policy related to the cloud service and the user permission in each service.
  - Policy Administration Point (PAP) manages the security policy and policy list.
• The 3rd-Party Service Provider (SP) is in charge of user authentication and audit concerns for all service providers.

3.3 Use-case of the Personal Cloud AC Framework

The proposed Personal Cloud AC Framework supports not only a single cloud provider but also multiple cloud providers. Also, this framework is designed to focus on the collaboration contents service, so we need to examine cases of the Personal Cloud AC Framework in multiple cloud provider environments.

Figure 4. Use-cases of the Personal Cloud AC Framework

Figure 4 depicts two scenarios in which a user requests access to the service. Scenario (A) shows one access token including two authorizations for collaboration services. It must delegate the authorization and services. In scenario (B), the user requests access to both services at once. This scenario needs to merge both services in the CoSP.

4. Performance Analysis

Table 1. Access Control System Parameters and Costs

Notation | Meaning                                            | Cost
N        | # of CSP                                           |
U_Req    | Packet Cost of user request for service            |
PEP_Proc | Processing Cost for processing user request in PEP |
ED_Trans | Transmit Cost between PEP and PDP                  |
PDP_Proc | Processing Cost for processing user request in PDP |
DE_Trans | Transmit Cost between PDP and PEP                  |
DD_Trans | Transmit Cost between PDP1 and PDP2                |
C_T      | Total Cost                                         |
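The token flow between the PEP in the CoSP and the PDPs in the CSPs (Section 3.2), run through both use-cases of Section 3.3, as an added example that is not code from the paper. The HMAC key shared by the PEP and the PDPs, the token layout, the stop-at-first-Deny rule in scenario (A), and all names and sample data are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Assumption: the PEP and every PDP share this HMAC key, provisioned out of band.
TOKEN_KEY = secrets.token_bytes(32)


def sign(body: bytes) -> bytes:
    return hmac.new(TOKEN_KEY, body, hashlib.sha256).hexdigest().encode()


class PEP:
    """Policy Enforcement Point in the CoSP: checks the credential, issues tokens."""

    def __init__(self, vouched, ttl=300):
        # vouched: credential -> {service: role}, as confirmed by the 3rd-party SP.
        self.vouched, self.ttl = vouched, ttl

    def issue(self, credential, services, now=None):
        roles = self.vouched.get(credential)
        if roles is None:
            raise PermissionError("credential not confirmed by the 3rd-party SP")
        now = time.time() if now is None else now
        claims = {
            "sub": "tmp-" + secrets.token_hex(8),  # temporary ID, hides the user from the CSP
            "svc": {s: roles.get(s) for s in services},  # service -> role (None if unassigned)
            "exp": now + self.ttl,
        }
        body = json.dumps(claims, sort_keys=True).encode()
        return base64.urlsafe_b64encode(body).decode() + "." + sign(body).decode()


class PDP:
    """Policy Decision Point in one CSP; `policy` stands in for the PIP (role -> actions)."""

    def __init__(self, service, policy):
        self.service, self.policy = service, policy

    def decide(self, token, action, now=None):
        now = time.time() if now is None else now
        try:
            b64, sig = token.rsplit(".", 1)
            body = base64.urlsafe_b64decode(b64)
        except ValueError:
            return "Deny"  # malformed token
        if not hmac.compare_digest(sig.encode(), sign(body)):
            return "Deny"  # not issued by the PEP, or altered in transit
        claims = json.loads(body)
        if claims["exp"] < now or self.service not in claims["svc"]:
            return "Deny"  # expired, or not scoped to this CSP's service
        role = claims["svc"][self.service]
        return "Permit" if action in self.policy.get(role, ()) else "Deny"


def scenario_a(pep, pdps, credential, action):
    """(A): one token carrying all authorizations, handed from PDP to PDP in turn."""
    token = pep.issue(credential, [p.service for p in pdps])
    decisions = {}
    for pdp in pdps:
        decisions[pdp.service] = pdp.decide(token, action)
        if decisions[pdp.service] != "Permit":
            break  # assumption: the chain stops at the first Deny
    return 1, decisions  # (tokens issued, decision per service consulted)


def scenario_b(pep, pdps, credential, action):
    """(B): one token per service, each checked by its own PDP individually."""
    tokens = {p.service: pep.issue(credential, [p.service]) for p in pdps}
    decisions = {p.service: p.decide(tokens[p.service], action) for p in pdps}
    return len(tokens), decisions


# Constructed sample data: one user, two collaboration services with RBAC policies.
SESSIONS = {"cred-alice": {"storage": "editor", "docs": "viewer"}}
RBAC = {"editor": {"read", "write"}, "viewer": {"read"}}
STORAGE_PDP = PDP("storage", RBAC)
DOCS_PDP = PDP("docs", RBAC)

if __name__ == "__main__":
    pep = PEP(SESSIONS)
    print("A:", scenario_a(pep, [STORAGE_PDP, DOCS_PDP], "cred-alice", "read"))
    print("B:", scenario_b(pep, [STORAGE_PDP, DOCS_PDP], "cred-alice", "write"))
```

A scenario (B) token names a single service, so the PDP of any other service denies it, whereas the scenario (A) token is accepted by every PDP it names for its whole lifetime.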
We compared the performance of the DACA and the Personal cloud Access Control Framework (PACF) with scenarios A and B. As shown in Table 1, we defined the access control system parameters and the benchmark costs of the PEP and PDP processing [8]. Practically, the DACA is not designed for the authentication process. Therefore, the performance analysis is focused on a comparison of the policy process costs. Also, we assume that all of the transmit costs and U_Req are 0.001, and we exclude the SLA module and the authentication process.

4.1. DACA workflow

The DACA has a PEP and a PDP in a Cloud Service Provider (CSP). The DACA sequence diagram, based on the Access Control Module (ACM), is shown in Figure 5.

Figure 5. Sequence Diagram of DACA

As shown in Figure 5, if the user requests authorization to access N CSPs, the DACA needs authorization from each CSP. Therefore, the total cost, C_T_DACA, is calculated as follows:

_ = (1)

So,

_ = + ( ) (2)

4.2. Workflow of PACF (A)

The PACF consists of a PEP in the CoSP, an outsourced 3rd party, and a PDP in the CSP. The PEP runs in the CoSP and is independent from a CSP. If an authorization is requested for multiple services, the PEP generates the access token for accessing multiple services and then transfers the access token to the first PDP in CSP1. The first PDP checks permission and then transfers it to the second PDP. In this case (A), the PEP generates one access token and provides successive authorization as follows:

Figure 6. Sequence Diagram of (A)

The total cost of (A) of the PACF, C_T_PACF_A, is calculated as follows:

_ _ = (3)

So,

_ _ = ( + )+ (4)

4.3. Workflow of PACF (B)

PACF (B) shows the case in which there are authorization requests for multiple services at once, in which case the PEP generates N access tokens and then transmits the access tokens to each PDP in the CSPs. Each PDP checks the permissions individually as follows:

Figure 7. Sequence Diagram of (B)

The total cost of (B) of the PACF, C_T_PACF_B, is calculated as follows:

_ _ = (5)

So,

_ _ = + + ( + ) (6)

4.4. Performance Analysis

We compared DACA, PACF_A and PACF_B in Figure 8.

Figure 8. Performance for Cost Analysis

As shown in Figure 8, even though the DACA is similar to the other scenarios in a single cloud environment, its cost increases when the number of CSPs increases. However, the cost of PACF (A and B) increases less when the number of CSPs increases. This cost analysis shows that PACF is appropriate when providing collaboration services.

5. Conclusion

In this paper, we designed an access control framework based on user requirements considering a personal cloud environment and cloud collaboration services. The personal cloud must take privacy and security for individual users into account. However, many previous studies have not focused on this area, and many questions remain unanswered. The contributions of this paper are three-fold. First, we propose Personal Cloud Access Control based on XACML. According to this concept, the Personal Cloud Access Control largely supports access control systems based on XACML. The proposed access control is focused on compatibility with the existing access control systems. Second, our proposed model offers independent management of the cloud service provider and flexible expandability through the division between PEP and PDP (including PIP and PAP). Finally, this framework supports user-centric collaboration services using an access token process. In the future, we will design more detailed authentication and authorization components. Also, we will make improvements to adapt our framework to more practical cloud environments.

6. Acknowledgements

This work was supported by the IT R&D program of MKE/KEIT [ , Terminal Independent Personal Cloud System]. The Corresponding Author is Eui-Nam Huh.

7. References

[1] Jose Rivera, Cloud Computing for Personal Use, The Epoch Times,
[2] Eui-Nam Huh, Definition and Requirement Analysis of Personal Cloud Service, TTA Standard of Korea,
[3] Sandhu, R.S. Coyne, E.J, Role-Based Access Control Models, IEEE Computer (IEEE Press), vol 29, no 2, pp ,
[4] R. Yavatkar, D. Pendarakis, R. Guerin, A Framework for Policy-based Admission Control, IETF Standard, RFC 2753,
[5] Sang-ho Na, Jun-young Park, Eui-nam Huh, Personal Cloud Computing Security Framework, IEEE APSCC 2010, , pp
[6] Almutairi, A. Sarfraz, M., A Distributed Access Control Architecture for Cloud Computing, IEEE Software, vol 29, no 2, , pp
[7] R. Bhatti, E. Bertino, and A. Ghafoor, X-Federate: A Policy Engineering Framework for Federated Access Management, IEEE Trans. Software Eng., vol. 32, no. 5, 2006, pp
[8] Adam Bates, Ben Mood, Towards secure provenance-based access control in cloud environments, ACM CODASPY '13, , pp
[9] D. Nurmi, R Wolski, The Eucalyptus Open-Source Cloud-Computing System, Proc. 9th IEEE/ACM Int'l Symp. Cluster Computing and the Grid (CCGRID 09), IEEE CS, 2009, pp
[10] S. Berger, Pendarakis D., Security for the Cloud Infrastructure: Trusted Virtual Data Center Implementation, IBM J. Research and Development, vol. 53, no. 4, 2009, pp
Privacy-Preserving Public Auditing For Secure Cloud Storage ABSTRACT: Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared
More informationSecure Data transfer in Cloud Storage Systems using Dynamic Tokens.
Secure Data transfer in Cloud Storage Systems using Dynamic Tokens. P.Srinivas *,K. Rajesh Kumar # M.Tech Student (CSE), Assoc. Professor *Department of Computer Science (CSE), Swarnandhra College of Engineering
More informationDomain 12: Guidance for Identity & Access Management V2.1
Domain 12: Guidance for Identity & Access Management V2.1 Prepared by the Cloud Security Alliance April 2010 Introduction The permanent and official location for this Cloud Security Alliance Domain 12
More informationImplementing XML-based Role and Schema Migration Scheme for Clouds
Implementing XML-based Role and Schema Migration Scheme for Clouds Gurleen Kaur 1, Sarbjeet Singh 2 Computer Science and Engineering, UIET Panjab University, Chandigarh, India 1 gurleenturka@gmail.com
More informationControl and management of privileged users
Control and management of privileged users The secure solution for monitoring and recording privileged users Visulox The complete Access Management Solution ToolBox Solution GmbH, established in 2003,
More informationProfile-Based Access Control in Cloud Computing Environments with applications in Health Care Systems
Profile-Based Access Control in Cloud Computing Environments with applications in Health Care Systems By Umair Mukhtar Ahmed Naushahi A thesis submitted to the Department of Computer Science In conformity
More informationPrivacy Evaluation Model for Personal Cloud Service
Privacy Evaluation Model for Personal Cloud Service SANG-HO NA EUI-NAM HUH Computer Engineering, Electronic and Information College KyungHee University, Global Campus Seocheon-dong, Giheung-gu, Yongin-si,
More informationKeywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption
Partitioning Data and Domain Integrity Checking for Storage - Improving Cloud Storage Security Using Data Partitioning Technique Santosh Jogade *, Ravi Sharma, Prof. Rajani Kadam Department Of Computer
More informationReview of Cloud Computing Architecture for Social Computing
Review of Cloud Computing Architecture for Social Computing Vaishali D. Dhale M.Tech Student Dept. of Computer Science P.I.E.T. Nagpur A. R. Mahajan Professor & HOD Dept. of Computer Science P.I.E.T. Nagpur
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationLogical Data Models for Cloud Computing Architectures
Logical Data Models for Cloud Computing Architectures Augustine (Gus) Samba, Kent State University Describing generic logical data models for two existing cloud computing architectures, the author helps
More informationUsing XACML Policies as OAuth Scope
Using XACML Policies as OAuth Scope Hal Lockhart Oracle I have been exploring the possibility of expressing the Scope of an OAuth Access Token by using XACML policies. In this document I will first describe
More informationRole Based Access Control and the JXTA Peer-to-Peer Framework
Role Based Access Control and the JXTA Peer-to-Peer Framework Amit Mathur Symantec Corporation Cupertino, California Suneuy Kim Department of Computer Science San José State University San José, California
More informationEvaluation of different Open Source Identity management Systems
Evaluation of different Open Source Identity management Systems Ghasan Bhatti, Syed Yasir Imtiaz Linkoping s universitetet, Sweden [ghabh683, syeim642]@student.liu.se 1. Abstract Identity management systems
More informationRSA BASED CPDP WITH ENCHANCED CLUSTER FOR DISTRUBED CLOUD STORAGE SERVICES
RSA BASED CPDP WITH ENCHANCED CLUSTER FOR DISTRUBED CLOUD STORAGE SERVICES 1 MD ISMAIL Z, 2 ASHFAQUE AHAMED K. 1 PG Scholar,Department of Computer Science, C.Abdul Hakeem College Of Arts and Science,Melvisharam.
More informationProviding Data Protection as a Service in Cloud Computing
International Journal of Scientific and Research Publications, Volume 3, Issue 6, June 2013 1 Providing Data Protection as a Service in Cloud Computing Sunumol Cherian *, Kavitha Murukezhan ** * Department
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationAn SAML Based SSO Architecture for Secure Data Exchange between User and OSS
An SAML Based SSO Architecture for Secure Data Exchange between User and OSS Myungsoo Kang 1, Choong Seon Hong 1,Hee Jung Koo 1, Gil Haeng Lee 2 1 Department of Computer Engineering, Kyung Hee University
More informationXACML and Access Management. A Business Case for Fine-Grained Authorization and Centralized Policy Management
A Business Case for Fine-Grained Authorization and Centralized Policy Management Dissolving Infrastructures A recent Roundtable with CIOs from a dozen multinational companies concurred that Identity &
More informationTwo patterns for web services security
Two patterns for web services security Eduardo B. Fernandez Dept. of Computer Science and Engineering Florida Atlantic University Boca Raton, FL 3343, USA Abstract Patterns are widely used in software
More informationA Model for Access Control Management in Distributed Networks
A Model for Access Control Management in Distributed Networks Master of Science Thesis Azadeh Bararsani Supervisor/Examiner: Dr. Johan Montelius Royal Institute of Technology (KTH), Stockholm, Sweden,
More informationSelective dependable storage services for providing security in cloud computing
Selective dependable storage services for providing security in cloud computing Gade Lakshmi Thirupatamma*1, M.Jayaram*2, R.Pitchaiah*3 M.Tech Scholar, Dept of CSE, UCET, Medikondur, Dist: Guntur, AP,
More informationLetsVi: A Collaborative Video Editing Tool Based on Cloud Storage
LetsVi: A Collaborative Video Editing Tool Based on Cloud Storage Hyeong-Bae An Department of Electrical/Electronic and Computer Engineering, University of Ulsan, Nam-gu, Ulsan, South Korea. E-mail: ahb910306@gmail.com
More informationPRIVACY AWARE ACCESS CONTROL FOR CLOUD-BASED DATA PLATFORMS
www.openi-ict.eu Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets PRIVACY AWARE ACCESS CONTROL FOR CLOUD-BASED DATA PLATFORMS Open-Source,
More informationCloud Computing Service Models, Types of Clouds and their Architectures, Challenges.
Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges. B.Kezia Rani 1, Dr.B.Padmaja Rani 2, Dr.A.Vinaya Babu 3 1 Research Scholar,Dept of Computer Science, JNTU, Hyderabad,Telangana
More informationTowards secure and consistency dependable in large cloud systems
Volume :2, Issue :4, 145-150 April 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Sahana M S M.Tech scholar, Department of computer science, Alvas institute of
More informationAAA in a Cloud-Based Virtual DIME Network Architecture (DNA)
AAA in a Cloud-Based Virtual DIME Network Architecture (DNA) Francesco Tusa, Antonio Celesti Dept. of Mathematics, Faculty of Engineering, University of Messina Contrada di Dio, S. Agata, 98166 Messina,
More informationADVANCE SECURITY TO CLOUD DATA STORAGE
Journal homepage: www.mjret.in ADVANCE SECURITY TO CLOUD DATA STORAGE ISSN:2348-6953 Yogesh Bhapkar, Mitali Patil, Kishor Kale,Rakesh Gaikwad ISB&M, SOT, Pune, India Abstract: Cloud Computing is the next
More informationDistributed auditing mechanism in order to strengthen user s control over data in Cloud computing Environment
Distributed auditing mechanism in order to strengthen user s control over data in Cloud computing Environment Chandra Sekhar Murakonda M.Tech Student, Department of Computer Science Engineering, NRI Institute
More informationUsing Subject- and Object-specific Attributes for Access Control in Web-based Knowledge Management Systems
Using Subject- and Object-specific Attributes for Access Control in Web-based Knowledge Management Systems Gerald Stermsek, Mark Strembeck, Gustaf Neumann Department of Information Systems, New Media Lab
More informationTechnical. Overview. ~ a ~ irods version 4.x
Technical Overview ~ a ~ irods version 4.x The integrated Ru e-oriented DATA System irods is open-source, data management software that lets users: access, manage, and share data across any type or number
More informationA Secure Decentralized Access Control Scheme for Data stored in Clouds
A Secure Decentralized Access Control Scheme for Data stored in Clouds Priyanka Palekar 1, Abhijeet Bharate 2, Nisar Anjum 3 1 SKNSITS, University of Pune 2 SKNSITS, University of Pune 3 SKNSITS, University
More informationDelegation for On-boarding Federation Across Storage Clouds
Delegation for On-boarding Federation Across Storage Clouds Elliot K. Kolodner 1, Alexandra Shulman-Peleg 1, Gil Vernik 1, Ciro Formisano 2, and Massimo Villari 3 1 IBM Haifa Research Lab, Israel 2 Engineering
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationCloud Computing. What is Cloud Computing?
Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited
More informationA Novel Method for Storage Security in Cloud Computing D. Kanchana, Dr. S. Dhandapani
A Novel Method for Storage Security in Cloud Computing D. Kanchana, Dr. S. Dhandapani Abstract Cloud computing is a model for delivering information technology services in which resources are retrieved
More information