Published in: Mobile Networks and Applications 1/2022

10.11.2021

A Secure Access Control Framework for Cloud Management

Authors: Jiawei Zhang, Ning Lu, Jianfeng Ma, Ruixiao Wang, Wenbo Shi



Abstract

A cloud operating system (Cloud OS) is the heart of a cloud management platform and takes control of various cloud resources. It therefore attracts numerous attacks, especially unauthorized access. Many existing works adopt the role-based access control (RBAC) model for Cloud OS access control and token-based approaches as user credentials for sessions or transactions between users and the cloud, but they fail to resist privilege abuse caused by tampering with RBAC policy rules or by token hijacking. To address this challenging problem, we propose a secure access control framework suitable for a resource-centric Cloud OS. First, we propose a new authorization model with cryptographically protected RBAC policy rules. To solve the policy decision problem caused by encrypted policy rules in this model, we develop an approach that transforms it into a permission searching problem, and on this basis we propose a policy decision scheme. Second, we achieve user token unlinkability and resistance to token replay attacks by introducing a randomization mechanism and leveraging a one-show token technique. A proof-of-concept implementation has been developed, and the proposed scheme is shown to be secure and efficient by security analysis and performance evaluation.

Metadata
Title
A Secure Access Control Framework for Cloud Management
Authors
Jiawei Zhang
Ning Lu
Jianfeng Ma
Ruixiao Wang
Wenbo Shi
Publication date
10.11.2021
Publisher
Springer US
Published in
Mobile Networks and Applications / Issue 1/2022
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI
https://doi.org/10.1007/s11036-021-01839-w
