Skip to main content
SpringerLink
Log in

Toward a New Extension of the Access Control Model ABAC for Cloud Computing

  • Conference paper
  • First Online:
Advances in Ubiquitous Networking (UNet 2015)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 366))

Included in the following conference series:

Abstract

Cloud computing is the new technology in open and distributed systems, recently adopted by many IT companies and business organizations. In such systems, there are usually a large number of users in different domains having their own policies, which make many problems arise as degradation or loss of information access control, theft or unauthorized use of information, as well as quality of services problems, traceability and accountability. Data access using various resources requires a user authentication, access control model for integrated management and control in cloud computing environments. The traditional access control models that are identity based are closed and inflexible. In this paper we present an overview of access control models with comparative and analysis to retrieve a suitable model for such environment. An extended Attribute based Access Control (ABAC) model is proposed by introducing the concept of privacy aware to retrieve a new efficient advanced model that can provide a more flexible, privacy and integrity model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

We’re sorry, something doesn't seem to be working properly.

Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bowen, B.M., Ben Salem, M., Hershkop, S.: Designing host and network sensors to mitigate the insider threat. IEEE Security Privacy Mag. 7(6), 22–29 (2009)

    Article  Google Scholar 

  2. Jung, J.J.: Service chain-based business alliance formation in service-oriented architecture. Expert Syst. Appl. 38(3), 2206–2211 (2011)

    Article  Google Scholar 

  3. Kiyomoto, S., Fukushima, K., Miyake, Y.: Towards secure cloud computing architecture—a solution based on software protection mechanism. J. Internet Serv. Inf. Secur. 1(1), 4–17 (2011)

    Google Scholar 

  4. Pieters, W.: Representing humans in system security models: an actor-network approach. J. Wirel. Mobile Netw. Ubiquitous Comput. Depend. Appl. 2(1), 75–92 (2011)

    Google Scholar 

  5. Bhaskar, P., Admela, J., Dimitrios, K., Yves, G.: Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach. J. Grid Computing 9(1), 3–26 (2011)

    Article  Google Scholar 

  6. Li, X., He, J.: A user-centric method for data privacy protection in cloud computing. In: 2011 International Conference on Computer, Electrical, and Systems Sciences and Engineering, pp. 355–358 (2011)

    Google Scholar 

  7. Faraji, M.S.: Identity and Access Management in Multi-tier Cloud Infrastructure, thesis (2013)

    Google Scholar 

  8. Karp, A.H., Haury, H., Davis, M.H.: From ABAC to ZBAC: The Evolution of Access Control Models. HP Laboratories-2009-30

    Google Scholar 

  9. Ahn, G.-J., Sandhu, R.: Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3(4), 207–226 (2000)

    Article  Google Scholar 

  10. Bertino, E., Bonatti, P.A., Ferrari, E.: Trbac: a temporal role-based access control model. ACM Trans. Inf. Syst. Secur. 4(3), 191–233 (2001)

    Article  Google Scholar 

  11. Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Trans. Knowl. Data Eng. 17(1), 4–23 (2005)

    Article  Google Scholar 

  12. Li, N., Tripunitara, M.V.: Security analysis in role-based access control. ACM Trans. Inf. Syst. Secur. 9(4), 391–420 (2006)

    Article  Google Scholar 

  13. Kalajainen, T.: An access control model in a semantic data structure: case process modelling of a bleaching line. Department of Computer Science and Engineering (2007)

    Google Scholar 

  14. Nabeel Tahir, M.: C-RBAC: Contextual role-based access control model. Ubiquitous Comput. Commun. J. 2(3), 67–74 (2007)

    Google Scholar 

  15. http://csrc.nist.gov/projects/abac/

  16. https://blueprints.launchpad.net/keystone/+spec/attribute-based-access-control

  17. Stermsek, G., Stremmbeck, M., Neumann, G.: Using Subject- and Object-specific Attrubutes for Access Control in Web-based Knowledge Management System

    Google Scholar 

  18. Ubale, S.A., Apte, S.S.: Comparison of ACL Based Security Models for securing resources for Windows operating system. IJSHRE 2(6), 63

    Google Scholar 

  19. Punithasurya, K., Jeba Priya, S.: Analysis of Different Access Control Mechanism in Cloud. International Journal of Applied Information Systems (IJAIS) 4(2) September 2012. ISSN: 2249-0868 Foundation of Computer Science FCS, New York, USA

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. System Architecture Team, ENSEM, Hassan II University, Casablanca, Morocco

    Maryam Ed-Daibouni, Adil Lebbat, Saida Tallal & Hicham Medromi

Authors
  1. Maryam Ed-Daibouni
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Adil Lebbat
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Saida Tallal
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hicham Medromi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Maryam Ed-Daibouni .

Editor information

Editors and Affiliations

  1. Hassan II University of Casablanca, ENSEM Hassan II University of Casablanca, Oasis – Casablanca, Morocco

    Essaïd Sabir

  2. Ecole Nationale Supérieure d'Electricité et de Mécanique, Université Hassan II – Casablanca, Casablanca, Morocco

    Hicham Medromi

  3. Ecole Nationale Supérieure d'Electricité et de Mécanique, Université Hassan II – Casablanca, Casablanca, Morocco

    Mohamed Sadik

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer Science+Business Media Singapore

About this paper

Cite this paper

Ed-Daibouni, M., Lebbat, A., Tallal, S., Medromi, H. (2016). Toward a New Extension of the Access Control Model ABAC for Cloud Computing. In: Sabir, E., Medromi, H., Sadik, M. (eds) Advances in Ubiquitous Networking. UNet 2015. Lecture Notes in Electrical Engineering, vol 366. Springer, Singapore. https://doi.org/10.1007/978-981-287-990-5_7

Download citation

  • DOI: https://doi.org/10.1007/978-981-287-990-5_7

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-287-989-9

  • Online ISBN: 978-981-287-990-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation