A Survey on Access Control Models in Cloud Computing RajaniKanth Aluvalu1 and Lakshmi Muddana2 1
Department of Computer Engineering, RK University Rajkot, India
[email protected] 2 Department of Information Technology GITAM University, Hyderabad, India
[email protected]
Abstract. Cloud computing, is an emerging computing paradigm, enabling users to remotely store their data in a server and provide services on-demand. In cloud computing cloud users and cloud service providers are almost certain to be from different trust domains. Cloud computing’s multitenancy and virtualization features pose unique security and access privilege challenges due to sharing of resources among potential un trusted tenants. Hence Privacy, trust and access control are the critical issues met in cloud computing. Access control is of vital importance in cloud computing environment, since it is concerned with allowing a user to access various cloud resources. A secure user enforced data access control mechanism must be provided before cloud users have the liberty to outsource sensitive data to the cloud for storage. Heterogeneity of services in cloud computing environment demands to adopt varying degrees of granularity in access control mechanism with an efficient encryption system. In this paper, we are going to analysis various Access control models for cloud computing and possible solutions for their limitations Keywords: Risk aware, Accountability, cloud security, data sharing, Attribute based encryption, cipher text policy, fine grained access control.
1
Introduction
Cloud Computing is a subscription-based service where you can obtain networked storage space and computer resources. In cloud computing model customers plug into the cloud to access IT resources which are priced and provided on demand services. This cloud model composed of five essential characteristics, four service models and four deployment models. Users can store their data in cloud and there is a lot of personal information and potentially secure data that people store on their computers and this information is now being transferred to the cloud. Here we must ensure the security of user’s data, which is in cloud. Users prefer only the cloud which can be trusted [29]. In order to increase the trust in cloud storage, the concept of accountability can be used. Accountability is likely to become a core concept in cloud that increase the trust in cloud computing. It helps to trace the user’s data, protecting sensitive and confidential information, enhancing user’s trust in cloud computing [29]. © Springer International Publishing Switzerland 2015 S.C. Satapathy et al. (eds.), Emerging ICT for Bridging the Future – Volume 1, Advances in Intelligent Systems and Computing 337, DOI: 10.1007/978-3-319-13728-5_73
653
654
R. Aluvalu and L. Muddana
1.1
Essential Characteristics
a. On-demand service-consumers can use web services to access computing resources on-demand as needed automatically b. Broad network access-can access Services from any internet connected device. c. Resource Pooling-customers can share a pool of computing resources with other customers. d. Rapid Elasticity-enables computing resources or user account to be rapidly and elastically provisioned e. Measured Service-control and optimize services based on metering and automatically monitor the resources [29]. Characteristics Broad Network Access Service models Infrastructure as a service (IaaS) Deployment Models Public Cloud
Resource Pooling
Platform as service (PaaS) Private Cloud
Rapid Elasticity
a
Software as service (SaaS) Hybrid Cloud
On demand self service a
Security as a service (SECaaS) Community Cloud
Fig. 1. Cloud Computing Model
1.2
Service Models
i. Software as a Service (SaaS): The capacity provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The application is accessible from client devices through web browser. ii. Platform as a Service (PaaS): The capability provided to the consumer is to deploy onto the cloud infrastructure iii. Infrastructure as a Service (IaaS): The capability provided to the consumer is to provision processing, storage, network and other fundamental computing resources. where the consumer is able to deploy and run arbitrary software, which can include operating system and application. iv. Security as a Service (SECaaS): security is delivered as a service without requiring on-premises hardware avoiding substantial capital outlays. These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection [29]. 1.3
Deployment Models
a. Public Clouds: Public cloud computing services are provided off-premise to the general public and the computing resources are shared with the provider’s other customers.
A Survey on Access Control Models in Cloud Computing
655
b. Community Clouds: Cloud infrastructure shared by several organization that have shared concern, managed by organization or third party. c. Private Clouds: Cloud infrastructure for single organization only, may be managed by the organization or third party, on or off premise. d. Hybrid Clouds: It uses public clouds for general computing while customer data is kept within a private cloud.
2
Survey
2.1
Cloud Federation
It is the practice of interconnecting the cloud computing environments of two or more service providers for the purpose of load balancing traffic and accommodating spikes in demand. Cloud federation requires one provider to wholesale or rent computing resources to another cloud provider [9, 12]. Those resources become a temporary or permanent extension of the buyer's cloud computing environment, depending on the specific federation agreement between providers. Cloud federation offers two substantial benefits to cloud providers [14]. First, it allows providers to earn revenue from computing resources that would otherwise be idle or underutilized. Second, cloud federation enables cloud providers to expand their geographic footprints and accommodate sudden spikes in demand without having to build new points-ofpresence (POPs).Service providers strive to make all aspects of cloud federation from cloud provisioning to billing support systems (BSS) and customer support transparent to customers. When federating cloud services with a partner, cloud providers will also establish extensions of their customer-facing service-level agreements (SLAs) into their partner provider's data centers [10]. 2.2
Security and Accountability in Cloud
Cloud stores huge amount of user’s data, there is a critical need of providing security for the data stored on cloud. The owner of the data does not aware about where their data is stored and they do not have control of where data is placed. Here it explores the security challenges in cloud. Some of the security risks include secure data transfer, secure software interface, secure stored data, user access control, data separation [26]. To promote privacy and security concern of end users accountability mechanism is used. Here the basic concept is that user’s private data are sent to the cloud in an encrypted form, and then with the encrypted data processing is carried out. Accountability become a core concept in cloud that helps to increase trust in cloud computing. The term Accountability refers to a narrow and imprecise requirement that met by reporting and auditing mechanisms. Accountability is the agreement to act as a responsible proctor of the personal information of others, to take responsibility for protection and appropriate use of that information beyond legal requirements, and to be accountable for misuse of that information.
656
2.3
R. Aluvalu and L. Muddana
Access Control Models
Cloud computing has rapidly become a widely adopted paradigm for delivering services over the internet. Therefore cloud service provider must provide the trust and security, as there is valuable and sensitive data in large amount stored on the clouds. Cloud computing environment is widely distributed and highly dynamic. Static policies will not be efficient for cloud access models. We require access models with dynamic policies. For protecting the confidentiality of the stored data, the data must be encrypted before uploading to the cloud by using some cryptographic algorithms [17, 18]. We will be discussing various access control models that support dynamics policies, attribute based access models using encryption scheme and its categories. A. Attribute Based Encryption (ABE) An attribute based encryption scheme introduced by Sahai and Waters in 2005 and the goal is to provide security and access c o n t r o l . Attribute-based encryption (ABE) is a public-key based one to many encryptions that allows users to encrypt and decrypt data based on user attributes. In which the secret key of a user and the ciphertext are dependent upon attributes (e.g. the country she lives, or the kind of subscription she has). In such a system, the decryption of a ciphertext is possible only if the set of attributes of the user key matches the attributes of the ciphertext. Decryption is only possible when the number of matching is at least a threshold value d. Collusion-resistance is crucial security feature of Attribute-Based Encryption .An adversary that holds multiple keys should only be able to access data if at least one individual key grants access[5]. The problem with attribute based encryption (ABE) scheme is that data owner needs to use every authorized user's public key to encrypt data. The application of this scheme is restricted in the real environment because it uses the access of monotonic attributes to control user's access in the system. B. Key Policy Attribute Based Encryption (KP-ABE) It is the modified form of classical model of ABE. Users are assigned with a n access t r e e structure over the data attributes. Threshold gates are the nodes of the access tree. The attributes are associated by leaf nodes. To reflect the access tree Structure the secret key of the user is defined. Ciphertexts are labeled with sets of attributes and private keys are associated with monotonic access structures that control which ciphertexts a user is able to decrypt. Key Policy Attribute Based Encryption (KP-ABE) scheme is designed for one-to-many communications [17]. KP-ABE scheme consists of the following four algorithms: Setup: Algorithm takes input K as a security parameter and returns PK as public key and a system master secret key MK.PK is used by message senders for encryption. MK is used to generate user secret keys and is known only to the authority.
A Survey on Access Control Models in Cloud Computing
657
Encryption: Algorithm takes a message M, the public key PK, and a set of attributes as input. It outputs the ciphertext E. Key Generation: Algorithm takes as input an access structure T and the master secret key MK. It outputs a secret key SK that enables the user to decrypt a message encrypted under a set of attributes if and only if matches T. Decryption: It takes as input the user’s secret key SK for access structure T and the ciphertext E, which was encrypted under the attribute set. This algorithm outputs the message M if and only if the attribute set satisfies the user’s access structure T. The KP-ABE scheme can achieve fine-grained access control and more flexibility to control users than ABE scheme. The problem with KP-ABE scheme is the encryptor cannot decide who can decrypt the encrypted data. It can only choose descriptive attributes for the data; it is unsuitable in some application because a data owner has to trust the key issuer. C. Cipher Text Policy Attribute Based Encryption Another modified form of ABE called CP-ABE introduced by Sahai. In a CP-ABE scheme, every ciphertext is associated with an access policy on attributes, and every user’s private key is associated with a set of attributes. A user is able to decrypt a ciphertext only if the set of attributes associated with the user’s private key satisfies the access policy associated with the ciphertext. CP-ABE works in the reverse way of KP-ABE [24]. The access structure of this scheme or algorithm, it inherits the same method which was used i n KP-ABE to build. And the access structure built in the encrypted data can let the encrypted data choose which key can recover the data; it means the user's key with attributes just satisfies the access structure of the encrypted data [19]. And the concept of this scheme is similar to the traditional access control schemes. The encryptor who specifies the threshold access structure for his interested attributes while encrypting a message. Based on this access structure message is then encrypted such that only those whose attributes satisfy the access structure can decrypt it. The most existing ABE schemes are derived from the CP- ABE scheme. CP-ABE scheme consists of following four algorithms: Setup: This algorithm takes as input a security parameter K and returns the public key PK as well as a system master secret key MK. PK is used by message senders for encryption. MK is used to generate user secret keys and is known only to the authority. Encrypt: This algorithm takes as input the public parameter PK, a message M, and an access structure T. It outputs the ciphertext CT. Key-Gen: This algorithm takes as input a set of attributes associated with the user and the master secret key MK. It outputs a secret key SK that enables the user to decrypt a message encrypted under an access tree structure T if and only if matches T.
658
R. Aluvalu and L. Muddana
Decrypt: This algorithm takes as input the ciphertext CT and a secret key SK for an attributes set. It returns the message M if and only if satisfies the access structure associated with the ciphertext CT. It improves the disadvantage of KP-ABE that the encrypted data cannot choose who can decrypt. It can support the access control in the real environment. In addition, the user's private key is in this scheme, a combination of a set of attributes, so an user only use this set of attributes to satisfy the access structure in the encrypted data. Drawbacks of the most existing CP-ABE schemes a r e still not fulfilling the enterprise requirements of access control which require considerable flexibility and efficiency. CP- ABE has limitations in terms of specifying policies and managing user attributes. In a CP-ABE scheme, decryption keys only support user attributes that are organized logically as a single set, so the users can only use all possible combinations of attributes in a single set issued in their keys to satisfy policies. After that ciphertext-policy attribute- set based encryption (CP-ASBE or ASBE for short) is introduced by Bobba, Waters et al [7]. ASBE is an extended form of CP-ABE. It organizes user attributes into a recursive set based structure and allows users to impose dynamic constraints on how those attributes may be combined to satisfy a policy. The CP-ASBE consists of recursive set of attributes. The challenge in constructing a CP-ASBE scheme is in selectively allowing users to combine attributes from multiple sets within a given key. There is challenge for preventing users from combining attributes from multiple keys. D. Attribute-Based Encryption Scheme with Non-monotonic Access Structures Previous ABE schemes were limited to expressing only monotonic access structures and there is no satisfactory method to represent negative constraints in a key’s access formula. Ostrovsky et al. proposed an attribute-based encryption with non-monotonic access structure in 2007[17]. Non-monotonic access structure can use the negative word to describe every attributes in the message, but the monotonic access structure cannot. This scheme contains four algorithms: Setup (d). In the basic construction, a parameter d specifies how many attributes every ciphertext has. Encryption (M, γ,PK). To encrypt a message M ε GT under a set of d attributes γ C Zp, choose a random value s ε Zp and output the ciphertext E. Key Generation (˜A,MK,PK). This algorithm outputs a key D that enables the user to decrypt an encrypted message only if the attributes of that ciphertext satisfy the access structure ˜A Decrypt (CT;D): Input the encrypted data CT and private key D, if the access structure is satisfied it generate the original message M. It enables Non-monotonic policy, i.e. policy with negative attributes. The problem with Attribute-based Encryption Scheme with Non- Monotonic Access Structures is that there are many negative attributes in the encrypted data, but they don't relate to the encrypted data. It means that each attribute adds a negative wo r d t o describe it,
A Survey on Access Control Models in Cloud Computing
659
but these are useless for decrypting the encrypted data. It can cause the encrypted data overhead becoming huge. It is inefficient and complex each cipher text needs to be encrypted with d attributes, where d is a system-wise constant. E. Hierarchical Attribute-Based Encryption This scheme Hierarchical attribute-based encryption (HABE) is derived by Wang et al The HABE model ( Fig 2) consists of a root master (RM) that corresponds to the third trusted party (TTP),multiple domain masters (DMs) in which the top-level DMs correspond to multiple enterprise users, and numerous users that correspond to all personnel in an enterprise. This scheme used the property of hierarchical generation of keys in HIBE scheme to generate keys [22]. Then, HABE scheme is defined by presenting randomized Polynomial time algorithms as follows: Setup (K)→(params,MK0): The RM takes a sufficiently large security parameter K as input, and outputs system parameters params and root master key MK0. CreateDM(params,MKi, PKi+1) → (MKi+1): Whether the RM or the DM generates master keys for the DMs directlyunder it using params and its master key. CreateUser(params,MKi, PKu, PKa) → (SKi,u, SKi,u,a):The DM first checks whether U is eligible for a, which is administered by itself. If so, it generates a user identity secret key and a user attribute secret key for U, using params and its master key; otherwise, it outputs “NULL”. Encrypt(params; f ;A; {PKa|a E A})→(CT): A user takes a file f, a DNF access control policy A, and public keys of all attributes in A, as inputs, and outputs a ciphertext CT. Decrypt(params,CT,SKi,u,{SKi,u,a|aECCj}→(f):A user, whose attributes satisfy the j-th conjunctive clause CCj, takes params, the ciphertext, the user identity secret key, and the user attribute secret keys on all attributes in CCj, as as inputs, to recover the plaintext. This scheme can satisfy the property of fine grained access control, scalability and full delegation. It can share data for users in the cloud in an enterprise environment. Furthermore, it can apply to achieve proxy re-encryption [4]. But in practice, it is unsuitable to implement. Since all attributes in one conjunctive clause in this scheme may be administered by the same domain authority, the same attribute may be administered by multiple domain authorities. F. Multi-authority Attribute Based Encryption V Bozovic, D Socek, R Steinwandt, and Vil-lanyi, introduce Multi-authority attribute-based encryption. In this scheme it use multiple parties to distribute attributes for users. A Multi-Authority ABE system is composed of K attribute authorities and one central authority. Each attribute authority is also assigned a value dk. The system uses the following algorithms:
660
R. Aluvalu and L. Muddana
Setup: A randomized algorithm which must be run by some trusted p a r t y (e.g. central authority). Takes as input the Security parameter. Outputs a public key, secret key pair for each of the attribute authorities, and also outputs a system public key and master secret key which will be used by the central authority. Attribute Key Generation: A randomized algorithm run by an attribute authority. Takes as input the authority’s secret key, the authority’s value dk, a user’s GID, and a set of attributes in the authority’s domain AkC. (We will assume that the user’s claim of these attributes has been verified before this algorithm is run). Output secret key for the user. Central Key Generation: A randomized algorithm runs by the central authority. Takes as input the master secret key and a user’s GID and outputs secret key for the user. Encryption: A randomized algorithm runs by a sender. Takes as input a set of attributes for each authority, a message, and the system public key. Outputs the ciphertext. Decryption: Deterministic algorithms run by a user. Takes as input a cipher-text, which was encrypted under attribute set AC and decryption keys for an attribute set Au. Outputs a message m if |Ak C ∩Ak u| > dk for all authorities k. It allows any polynomial number of independent authorities to monitor attributes and distribute private keys and tolerate any number of corrupted authorities. In this model, a recipient is defined not by a single string, but by a set of attributes. Complication in multi-authority scheme required that each authority’s attribute set be disjoint. The below table gives the comparison of each schemes in the attribute based encryption. Setup: Algorithm takes input K as a security parameter and returns PK as public key and a system master secret key MK.PK is used by message senders for encryption. MK is used to generate user secret keys and is known only to the authority. Encryption: Algorithm takes a message M, the public key PK, and a set of attributes as input. It outputs the ciphertext E. Key Generation: Algorithm takes as input an access structure T and the master secret key MK. It outputs a secret key SK that enables the user to decrypt a message encrypted under a set of attributes if and only if matches T. Decryption: It takes as input the user’s secret key SK for access structure T and the ciphertext E, which was encrypted under the attribute set. This algorithm outputs the message M if and only if the attribute set satisfies the user’s access structure T. The KP-ABE scheme can achieve fine-grained access control and more flexibility to control users than ABE scheme. The problem with KP-ABE scheme is the encrypter cannot decide who can decrypt the encrypted data. It can only choose descriptive attributes for the data; it is unsuitable in some application because a data owner has to trust the key issuer. G. Cipher Text Policy Attribute Based Encryption Another modified form of ABE called CP-ABE introduced by Sahai. In a CP-ABE scheme, every cipher text i s associated with an access policy on attributes, and every user’s private key is associated with a set of attributes. A user is able to
A Survey on Access Control Models in Cloud Computing
661
decrypt a ciphertext only if the set of attributes associated with the user’s private key satisfies the access policy associated with the ciphertext. CP-ABE works in the reverse way of KP-ABE [19]. The access structure of this scheme or algorithm , it inherit the same method which was used in KP-ABE to build and the access structure built in the encrypted data can let the encrypted data choose which key can recover the data, it means the user's key with attributes just satisfies the access structure of the encrypted data. And the concept of this scheme is similar to the traditional access control schemes. The encryptor who specifies the threshold access structure for his interested attributes while encrypting a message. Based on this access structure message is then encrypted such that only those whose attributes satisfy the access structure can decrypt it. The most existing ABE schemes are derived from the CP- ABE scheme. H. Adding Attributes to RBAC ABAC requires upto 2n rules for n attributes, attempting to implement the same controls in RBAC could; in a worst case require 2n roles [30]. There are three approaches of RBAC-A to handle relationship between roles and attributes. 1. Dynamic Role: implementation of dynamic roles might let the user’s role be fully determined by the front end attribute engine, while others might use the front end only to select from among a predetermined set of authorized users. 2. .Attribute Centric : A role name is just one of many attributes, in contrast with conventional RBAC, the role is not a collection of permissions but the name of an attribute called role. 3. Role Centric: attributes are added to constrain RBAC, constraint rules can only reduce permissions available to the user, not expand them. I. Risk Aware Access Control Model The increasing need to share information in dynamic environments such as cloud computing has created a requirement for risk-aware access control systems. The standard RBAC model is designed to operate in a relatively stable, closed environment and does not include any support for risk [1]. Risk-aware RBAC models that differ in the way in which risk is represented and accounted for in making access control decisions. The core goal of risk aware access control (RAAC) systems is to provide a mechanism that can manage the trade-off between the risks of allowing unauthorized access with the cost of denying access when the inability to access resources may have profound consequences. This approach is particularly useful to allow some risky access in an emergency situation.
662
3
R. Aluvalu and L. Muddana
Analysis
Techniques/Parameters
Fine grained access control Efficiency Computational Overhead Collusion Resistant
ABE
KP-ABE
CP-ABE
HASBE
MA-ABE
Low
Low
Average
Flexible
Good
Average High
Average High
Average Average
Flexible High
Scalable Average
Average
Good
Good
High
Good
Fig. 2. Analysis of access models
4
Implementation of Access Models
Access control models can be implemented by using XACML, which stands for extensible Access Control Markup Language. The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate access requests according to the rules defined in policies [4]. As a published standard specification, one of the goals of XACML is to promote common terminology and interoperability between access control implementations by multiple vendors. XACML is primarily an Attribute Based Access Control system (ABAC), where attributes (bits of data) associated with a user or action or resource are inputs into the decision of whether a given user may access a given resource in a particular way. Role-based access control (RBAC) can also be implemented in XACML as a specialization of ABAC.
5
Conclusion
In this paper, we had analysed trust based cloud federation and effective access models required for cloud federation. We had analysed Risk aware role based access control model, Integrating RBAC with ABAC, various attribute based encryption schemes: ABE, KP-ABE, CP-ABE, HABE etc. we proposed risk aware role based access control model integrated with hierarchical attribute set based access model for trust based cloud federation. Our proposed access model is trust based, will be effective and ensures scalability.
References [1] Bijon, K.Z., Krishnan, R., Sandhu, R.: Risk-Aware RBAC Sessions. In: Venkatakrishnan, V., Goswami, D. (eds.) ICISS 2012. LNCS, vol. 7671, pp. 59–74. Springer, Heidelberg (2012)
A Survey on Access Control Models in Cloud Computing
663
[2] Chen, L., Crampton, J.: Risk-Aware Role-Based Access Control. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 140–156. Springer, Heidelberg (2012) [3] Kandala, S., Sandhu, R., Bhamidipati, V.: An Attribute Based Framework for RiskAdaptive Access Control Models. In: 2011 Sixth International Conference on Availability, Reliability and Security (ARES) (2011) [4] Brossard, D.: XACML 101 – a quick intro to Attribute-based Access Control with XACML (September 30, 2010), http://www.webframer.eu [5] Bobba, R., Khurana, H., Prabhakarn, M.: Attribute sets a practically Motivated Enhancement to attribute based Encryption (July 27, 2009) [6] Cheng, Y., Park, J.-H.: Relationship-Based Access Control for Online Social Networks: Beyond User-to-User Relationships. In: 2012 International Conference on Privacy, Security, Risk and Trust (PASSAT), 2012 International Conference on Social Computing (SocialCom), September 3-5 (2012) [7] Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Generation Computer Systems (March 2012) [8] Sood, S.K.: A combined approach to ensure data security in cloud computing. Journal of Network and Computer Applications (November 2012) [9] Singhal, M., Chandrasekhar, S., Tingjian, G., Sandhu, R., Krishnan, R., Gail-Joon, A., Bertino, E.: Collaboration in multicloud computing environments: Framework and security issues. Computer 46(2) (February 2013) [10] Alhamad, M., Dillon, T., Chang, E.: SLA-Based Trust Model for Cloud Computing. In: 13th International Conference on Network-Based Information Systems (2010) [11] Gohad, A., Rao, P.S.: 1 * N Trust Establishment within Dynamic Collaborative Clouds. In: 2012 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM) (2012) [12] Sato, H., Kanai, A., Tanimoto, S.: A Cloud Trust Model in a Security Aware Cloud. In: 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT) (July 2010) [13] Mon, E.E., Naing, T.T.: The privacy-aware access control system using attribute-and role-based access control in private cloud. In: 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT) (2011) [14] Farcasescu, M.R.: Trust Model Engines in cloud computing. In: 14th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (2012) [15] Muchahari, M.K., Sinha, S.K.: A New Trust Management Architecture for Cloud Computing Environment. In: 2012 International Symposium on Cloud and Services Computing (2012) [16] Varadharajan, V., Tupakula, U.: TREASURE: Trust Enhanced Security for Cloud Environments. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (2012) [17] Priyadarsini, K., Thirumalai Selvan, C.: ’A Survey on Encryption Schemes for Data Sharing in Cloud Computing. IJCSITS 2(5) (October 2012) ISSN: 2249-9555 [18] Antony, N., Melvin, A.A.R.: A Survey on Encryption Schemes in the Clouds for Access Control. International Journal of Computer Science and Management Research 1(5) (December 2012) [19] Betten Court, J.: Ciphertext-policy attribute based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 321–334 (2007) [20] Zhu, Y., Huy, H., Ahny, G.-J., Huangy, D., Wang, S.: Towards Temporal Access Control in Cloud Computing. In: INFOCOM 2012 (2012)
664
R. Aluvalu and L. Muddana
[21] Yu, S., Wang, C., Ren, K., Lou, W.: Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing. In: INFOCOM 2010 (2010) [22] Wang, G., Liu, Q., Wub, J., Guo, M.: Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers (July 1, 2011) [23] Begum, R., Kumar, R.N., Kishore, V.: Data Confidentiality Scalability and Accountability (DCSA) in Cloud Computing 2(11) (November 2012) [24] Hota, C., Sankar, S.: Capability-based Cryptographic Data Access Control in Cloud Computing. Int. J. Advanced Networking and Applications 03(03), 1152–1161 (2011) [25] Kandukuri, R., Paturi, V.R., Rakshit, A.: Cloud security issues. In: Proceedings of the 2009 IEEE International Conference on Services Computing, pp. 517–520 (September 2009) [26] Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J., Brandic, I.: Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems 25(6), 599–616 (2008) [27] Salesforce.com, Inc., Force.com platform, http://www.salesforce.com/tw/ (retrieved December 2009) [28] SAP AG, SAP services: maximize your success, http://www.sap.com/services/index.epx (retrieved January 2010) [29] BOOK: Cloud computing Bible: Author: Sosinky, Barrie Edition. John Wiley & Sons Publication (2011) [30] Richardkun, D., et al.: Adding attributes to role based access control. IEEEComputer 43(6)
