Towards a Fine-Grained Access Control for Cloud

Abstract :

The centerpiece of an efficient Cloud security architecture is a well-defined access control policy. In literature we can find several access control models such as the Mandatory Access Control (MAC), Discretionary Access Control (DAC), Role-Based Access Control (RBAC) and the latest one Usage Control Authorization, oBligation and Condition (UCON ABC ). The UCON ABC is very suitable for the context of distributed systems like cloud computing but it doesn't give any implementation method. In this paper we define the profile centric model using graph formalism and its implementation using matrix. We define the profile as the combination of all possible authorization, obligation, condition, role, etc... and other access parameters like attributes that we can found in Cloud system.We discuss its application using three matrixes (profile definition, profile inheritance and user assignment). Profile centric modeling is an optimum paradigm to define access control policy in complex distributed and elastic system like cloud computing.The proposed solution is validated and implemented over Hadoop distributed file system in the context of Safe Box as a service.

Complete list of metadatas

https://hal.telecom-paristech.fr/hal-02287108
Contributor : Telecomparis Hal <>
Submitted on : Friday, September 13, 2019 - 4:35:44 PM
Last modification on : Thursday, October 17, 2019 - 12:36:10 PM

Identifiers

  • HAL Id : hal-02287108, version 1

Collections

Citation

Mounira Msahli, Ahmed Serhrouchni, Xiuzhen Chen. Towards a Fine-Grained Access Control for Cloud. 2014 IEEE 11th International Conference on e-Business Engineering, Oct 2013, Guangzhou, China. ⟨hal-02287108⟩

Share

Metrics

Record views

5