Have a personal or library account? Click to login
A Comprehensive Survey and Analysis on Access Control Schemes in Cloud Environment Cover

A Comprehensive Survey and Analysis on Access Control Schemes in Cloud Environment

Cybernetics and Information Technologies
Volume 16 (2016): Issue 1 (March 2016)
By: P. G. Shynu and  K. John Singh  
Open Access
|Apr 2016

References

  1. 1. Mell, P., T. Grance. The NIST Definition of Cloud, National Institute of Standards and Technology, 2011.10.6028/NIST.SP.800-145
    Search in Google Scholar
  2. 2. Wang, C., Q. Wang, K. Ren, W. Lou. Ensuring Data Storage inn Cloud Computing. – In: Proc. of 17th International Workshop on Quality of Service, 2009.
    Search in Google Scholar
  3. 3. Wang, Z. Security and Privacy Issues within the Cloud Computing. – In: Proc. of 2011 International Conference on Computational and Information Sciences, IEEE, 2011.10.1109/ICCIS.2011.247
    Search in Google Scholar
  4. 4. Hubbard, D. W., H. Z. Sutton. Top Threats to Cloud Computing. V1.0. 2010.
    Search in Google Scholar
  5. 5. Subashini, S., V. Kavitha. A Survey on Security Issues in Service Delivery Models of Cloud Computing. – Journal of Network and Computer Applications, Vol. 34, January 2011, No 1, pp. 1-11.10.1016/j.jnca.2010.07.006
    Search in Google Scholar
  6. 6. Robert, D., T. Stephen. A Survey on Securing the Virtual Cloud. – Journal of Cloud Computing: Advances, Systems and Applications, Vol. 2, 2013, No 1, pp. 2-17.10.1186/2192-113X-2-17
    Search in Google Scholar
  7. 7. Clavister. Security in the Cloud. 2009. http://www.it-wire.nu/members/cla69/attachments/CLA_WP_SECURITY_IN_THE_CLOUD.pdf
    Search in Google Scholar
  8. 8. Anderson, R. Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley & Sons, 2010, p. 640.
    Search in Google Scholar
  9. 9. Ausanka Crues, R. Methods for Access Control: Advances and Limitations. 2004.
    Search in Google Scholar
  10. 10. Bell, D., L. La Padula. Secure Computer Systems: Mathematical Foundations. Bedford, MA, 1973.
    Search in Google Scholar
  11. 11. Biba, K. Integrity Considerations for Secure Computer Systems. MA, Bedford, 1977.
    Search in Google Scholar
  12. 12. Harris, S. Mike Meyers’ CISSP (R) Certification Passport. 1st Ed. McGraw-Hill, 2002, p. 422.
    Search in Google Scholar
  13. 13. Lampson, B. Protection. – In: Proc. of 5th Princeton Symposium on Information Sciences and Systems, Princeton University, 1971.
    Search in Google Scholar
  14. 14. Samarati, P., S. Vimercati. Access Control: Policies, Models, and Mechanisms. Foundations of Security Analysis and Design, 2001, pp. 137-196.10.1007/3-540-45608-2_3
    Search in Google Scholar
  15. 15. Laurie, B. Access Control. V0.1. 2009.10.1007/978-0-387-73003-5_2007
    Search in Google Scholar
  16. 16. Oh, S., S. Park. Task-Role-Based Access Control Model. – Information Systems, Vol. 28, September 2003, No 6, pp. 533-562.10.1016/S0306-4379(02)00029-7
    Search in Google Scholar
  17. 17. Suhendra, V. A Survey on Access Control Deployment. – Communications in Computer and Information Science, Vol. 259, 2011, pp. 11-20.10.1007/978-3-642-27189-2_2
    Search in Google Scholar
  18. 18. Hu, V. C., K. Scarfone. Guidelines for Access Control Ssystem Evaluation Metrics. 2012.10.6028/NIST.IR.7874
    Search in Google Scholar
  19. 29. Al-Kahtani, R. Sandhu. A Model for Attribute-Based User-Role Assignment. – In: Proc. of 18th Annual Computer Security Applications Conference (ACSAC’02), IEEE Comput. Society, 2002.
    Search in Google Scholar
  20. 20. Karp, A., H. Haury, M. Davis. From ABAC to ZBAC: The Evolution of Access Control Models. 2009.
    Search in Google Scholar
  21. 21. Brucker, A., L. Brugger, P. Kearney, B. Wolff. An Approach to Modular and Testable Security Models of Real-World Health-Care Applications. – In: Proc. of 16th ACM Symposium on Access Control Models and Technologies (SACMAT’11), 2011.10.1145/1998441.1998461
    Search in Google Scholar
  22. 22. Cheng, P., P. Rohatgi. Fuzzy Multi-Level Security. – In: Proc. of IEEE Symposium on Security and Privacy, 2007, SP’07, 2007.
    Search in Google Scholar
  23. 23. Choudhury, A., P. Kumar, M. Sain, H. Lim, H. Jae-Lee. A Strong User Authentication Framework for Cloud Computing. – In: 2011 IEEE Asia-Pacific Services Computing Conference, 2011.10.1109/APSCC.2011.14
    Search in Google Scholar
  24. 24. Crago, S., K. Dunn, P. Eads, L. Hochstein, M. Kang. Heterogeneous Cloud Computing. – In: Proc. of 2011 IEEE International Conference on Cluster Computing, IEEE, 2011.10.1109/CLUSTER.2011.49
    Search in Google Scholar
  25. 25. Patil, V., A. Mei, L. Mancini. Addressing Interoperability Issues in Access Control Models. – In: Proc. of 2nd ACM Symposium on Information, Computer and Communications Security ASIACCS’07, 2007.10.1145/1229285.1229337
    Search in Google Scholar
  26. 26. Hu, V., D. Kuhn, D. Ferraiolo. The Computational Complexity of Enforceability Validation for Generic Access Control Rule. – In: Proc. of IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC’06), IEEE, 2006.
    Search in Google Scholar
  27. 27. Keromytis, A., J. Smith. Requirements for Scalable Access Control and Security Management Architectures. – ACM Transactions on Internet Technology, Vol. 7, 2007, No 2.10.1145/1239971.1239972
    Search in Google Scholar
  28. 28. Jin, X., R. Krishnan, R. Sandhu. A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC. – In: Proc. of 26th Annual Conference on Data and Applications Security and Privacy IFIP WG 11.3, 2012.10.1007/978-3-642-31540-4_4
    Search in Google Scholar
  29. 29. Almutairi, A., M. Sarfraz, S. Basalamah. A Distributed Access Control Architecture for Cloud Computing. – In: Proc. of Softw. IEEE 2012, 2012.10.1109/MS.2011.153
    Search in Google Scholar
  30. 30. Ferraiolo, D., J. Barkley, D. Kuhn. A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet. – ACM Transactions on Information and System Security (TISSEC), Vol. 2, 1999, No 1, pp. 34-64.10.1145/300830.300834
    Search in Google Scholar
  31. 31. Hasebe, K., M. Mabuchi, A. Matsushita. Capability-Based Delegation Model in RBAC. – In: Proc. of 15th ACM Symposium on Access Control Models and Technologies e SACMAT’10, New York, USA, 2010.10.1145/1809842.1809861
    Search in Google Scholar
  32. 32. Oh, S., S. Park. Task Role-Based Access Control Model. – Information Systems, Vol. 28, September 2003, No 6, pp. 533-562.10.1016/S0306-4379(02)00029-7
    Search in Google Scholar
  33. 33. Zhang, R., L. Liu, J. Li, Z. Han. RBTBAC: Secure Access and Management of EHR Data. – In: Proc. of 3rd International Workshop on e-Healthcare Information Security (e-HISec’2011), 2011.
    Search in Google Scholar
  34. 34. Tianyi, Z., L. Weidong, S. Jiaxing. An Efficient Role Based Access Control System for Cloud Computing. – In: Proc. of 11th International Conference on Computer and InformationTechnology, 2011 IEEE.10.1109/CIT.2011.36
    Search in Google Scholar
  35. 35. Jayaprakash, H. A., M. H. Gunes. Ensuring Access Control in Cloud Provisioned Healthcare Systems. – In: Proc. of Consumer Communications and Networking Conference (CCNC’11), 2011.
    Search in Google Scholar
  36. 36. Sun, L., H. Wang, J. Yong, G. Wu. Semantic Access Control for Cloud Computing Based on e-Healthcare. – In Proc. of 16th International Conference on Computer Supported Cooperative Work in Design (CSCWD’12), 2012 IEEE.10.1109/CSCWD.2012.6221866
    Search in Google Scholar
  37. 37. Tsai, W., Q. Shao. Role-Based Access Control Using Reference Ontology in Clouds. – In: Proc. of 10th International Symposium on Autonomous Decentralized Systems, 2011.10.1109/ISADS.2011.21
    Search in Google Scholar
  38. 38. Mon, E., T. Naing. The Privacy-Aware Access Control System Using Attribute-and Role-Based Access Control in Private Cloud. – In: Proc. of 4th IEEE International Conference on Broadband Network and Multimedia Technology, 2011.10.1109/ICBNMT.2011.6155974
    Search in Google Scholar
  39. 39. Ra, C. W. K., W. L. S. Yu. Achieving Secure, Scalable, and Fine-Grained Data Access. – In: Proc. of 29th IEEE International Conference on Information, 2010.
    Search in Google Scholar
  40. 40. Wan, Z., J. Liu, R. H. Deng. HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing. – IEEE Transactions on Information Forensics and Security, Vol. 7, April 2012, No 2, pp. 743-754.10.1109/TIFS.2011.2172209
    Search in Google Scholar
  41. 41. Jeremy, H., L. Ben. Toward Hierarchical Identity-Based Encryption. – Lecture Notes in Computer Science, Advances in Cryptology – EUROCRYPT 2002, Vol. 2332, Springer Berlin Heidelberg, 2002, pp. 466-481.
    Search in Google Scholar
  42. 42. Xin, D., Y. Jiadi, L. Yuan, C. Yingying. Achieving an Effective, Scalable and Privacy-Preserving Data Sharing Service in Cloud Computing. – Computers & Security, Vol. 42, 2014, pp. 151-164.10.1016/j.cose.2013.12.002
    Search in Google Scholar
  43. 43. Liu, Q., G. Wang, J. Wub. Time-Based Proxy Re-Encryption Scheme for Secure Data Sharing in a Cloud Environment. – Information Sciences, Vol. 258, February 2014, No 10, pp. 355-370.10.1016/j.ins.2012.09.034
    Search in Google Scholar
  44. 44. Liu, H., Q. Xiong. Shared Authority Based Privacy-Preserving Authentication Protocol in Cloud Computing. – IEEE Transactions on Parallel and Distributed Systems, Vol. 26, January 2015, No 1, pp. 241-251.10.1109/TPDS.2014.2308218
    Search in Google Scholar
  45. 45. Nabeel, M., E. Bertino, B. Thuraisingham, M. Kantarcioglu. Towards Privacy Preserving Access Control in the Cloud. – In: Proc. of International Conference on Collaborative Computing: Networking, Aplications and Worksharing (CollaborateCom), Orlando, USA, 2011.
    Search in Google Scholar
  46. 46. Marian, H., F. Sascha, B. Michael, M. Thomas, S. Matthew. Towards Privacy-Preserving Access Control with Hidden Policies, Hidden Credentials and Hidden Decisions. – In: Proc. of 10th Annual International Conference on Privacy, Security and Trust, 2012.
    Search in Google Scholar
  47. 47. Hassan, T. Privacy Aware Access Control for Data Sharing in Cloud Computing Environments. – In: Proc. of 2nd International Workshop on Security in Cloud Computing, 2014.
    Search in Google Scholar
  48. 48. Huang, X., Q. Tao, B. Qin, Z. Liu. Multi-Authority Attribute Based Encryption Scheme with Revocation. – In: Proc. of 24th IEEE International Conference on Computer Communication and Networks (ICCCN’2015), 201510.1109/ICCCN.2015.7288431
    Search in Google Scholar
  49. 49. Sahai, A., B. Waters. Fuzzy Identity-Based Encryption. – In: Advances in Cryptology – Lecture Notes in Computer Science, Springer, 2005, pp. 457-473.10.1007/11426639_27
    Search in Google Scholar
  50. 50. Nali, D., C. Adams, A. Miri. Using Threshold Attribute Based Encryption for Practical Biometric-Based Access Control. – International Journal of Network Security, Vol. 1, 2005, No 3, pp. 173-182.
    Search in Google Scholar
  51. 51. Goyal, V., O. Pandey, A. Sahai, B. Waters. Attribute Based Encryption for Fine-Grained Access Control of Encrypted Data. – In: Proc. of 13th ACM Conference on Computer and Communications Security (CCS’06), November 2006.10.1145/1180405.1180418
    Search in Google Scholar
  52. 52. Bethencourt, J., A. Sahai, B. Waters. Ciphertext-Policy Attribute-Based Encryption. – In: Proc. of IEEE Symposium on Security and Privacy (SP’07), May 2007, pp. 321-334.10.1109/SP.2007.11
    Search in Google Scholar
  53. 53. Chase, M. Multi-Authority Attribute Based Encryption. – In: Proc. of 4th Conference on Theory of Cryptography TCC’07, 2007.
    Search in Google Scholar
  54. 54. Lin, H., Z. Cao, X. Liang, J. Shao. Secure Threshold Multi Authority Attribute Based Encryption Without a Central Authority. – Information Sciences, Vol. 180, 2010, No 13, pp. 2618-2632.10.1016/j.ins.2010.03.004
    Search in Google Scholar
  55. 55. Gennaro, R., S. Jarecki, H. Krawczyk, T. Rabin. Secure Distributed Key Generation for Discrete-Log Based Cryptosystems. – In: Proc. of Advances in Cryptology – EUROCRYPT’99, 1999.10.1007/3-540-48910-X_21
    Search in Google Scholar
  56. 56. Chase, M., S. S. M. Chow. Improving Privacy and Security in Multi-Authority Attribute-Based Encryption. – In: 16th ACM Conference on Computer and Communications, Chicago, Ill, USA, November 2009, pp. 121-130.10.1145/1653662.1653678
    Search in Google Scholar
  57. 57. Han, J., W. Susilo, Y. Mu, J. Yan. Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption. – IEEE Transactions on Parallel and DistributedSystems, Vol. 23, 2012, No 2, pp. 2150-2162.10.1109/TPDS.2012.50
    Search in Google Scholar
  58. 58. Lewko, A., B. Waters. Decentralizing Attribute-Based Encryption. – In: Advances in Cryptology, Lecture Notes in Computer Science, Heidelberg, Germany, Springer, 2011, pp. 568-588.10.1007/978-3-642-20465-4_31
    Search in Google Scholar
  59. 59. Raykova, M., H. Zhao, S. M. Bellovin. Privacy Enhanced Access Control for Outsourced Data Sharing. – In: Proc. of Financial Cryptography and Data Security, 2012.10.1007/978-3-642-32946-3_17
    Search in Google Scholar
DOI: https://doi.org/10.1515/cait-2016-0002 | Journal eISSN: 1314-4081 | Journal ISSN: 1311-9702
Journal RSS Feed
Language: English
Page range: 19 - 38
Published on: Apr 9, 2016
Published by: Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
In partnership with: Paradigm Publishing Services
Publication frequency: 4 issues per year
Keywords:
Cloud computing,
cloud security,
access control in cloud,
cloud storage,
data privacy
Related subjects:
Computer sciences,
Information technology

© 2016 P. G. Shynu, K. John Singh, published by Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License.

Previous articleVolume 16 (2016): Issue 1 (March 2016)Next article