Access control policies enforcement in a cloud environment: Openstack
作者: Meryeme Ayache , Mohammed Erradi , Bernd Freisleben
DOI: 10.1109/ISIAS.2015.7492740
关键词: Cloud computing 、 Elasticity (cloud computing) 、 Computer security 、 Swift 、 Computer science 、 Enforcement 、 Access control 、 Security policy 、 Cloud computing security 、 Cloud storage
摘要: Cloud computing has become a widely used paradigm in many IT domains such as e-health. It offers several advantages to the users, e.g. elasticity, flexibility and rapid sharing of huge set digital data. However, security privacy concerns still pose significant challenges. In particular, most identified problem is how enforce user's policy access control outsourced fact, cloud environments does not provide facilities support high level defined policies. For instance, swift storage component openstack supports only fine grained execute specific action on object. this paper, we designed implemented middleware policies while using primitives. An e-health collaborative application dedicated for remote diagnosis illustrate suggested approach.
sci-hub.se 参考文章(18)
D. Sangeetha, Vaidehi Vijayakumar, Valliammai Thirunavukkarasu, Aiswarya Ramesh, Enhanced Security of PHR System in Cloud Using Prioritized Level Based Encryption International Conference on Security in Computer Networks and Distributed Systems. pp. 57- 69 ,(2014) , 10.1007/978-3-642-54525-2_5
Elisa Bertino, Giuseppe Petracca, Anna Cinzia Squicciarini, Adaptive data management for self-protecting objects in cloud computing systems conference on network and service management. pp. 140- 144 ,(2012) , 10.5555/2499406.2499423
Elliote Rusty Harold, Processing Xml with Java Addison-Wesley Longman Publishing Co., Inc.. ,(2002)
Krishna P. Gummadi, Nuno Santos, Rodrigo Rodrigues, Stefan Saroiu, Policy-sealed data: a new abstraction for building trusted cloud services usenix security symposium. pp. 10- 10 ,(2012)
Anjo Vahldiek-Oberwagner, Eslam Elnikety, Aastha Mehta, Deepak Garg, Peter Druschel, Rodrigo Rodrigues, Johannes Gehrke, Ansley Post, Guardat: enforcing data policies at the storage layer european conference on computer systems. pp. 13- ,(2015) , 10.1145/2741948.2741958
Christian Cachin, Kristiyan Haralambiev, Hsu-Chun Hsiao, Alessandro Sorniotti, None, Policy-based secure deletion computer and communications security. ,vol. 2013, pp. 259- 270 ,(2013) , 10.1145/2508859.2516690
D. Richard Kuhn, Edward J. Coyne, Timothy R. Weil, Adding Attributes to Role-Based Access Control IEEE Computer. ,vol. 43, pp. 79- 81 ,(2010) , 10.1109/MC.2010.155
Markus Lorch, Seth Proctor, Rebekah Lepro, Dennis Kafura, Sumit Shah, First experiences using XACML for access control in distributed systems workshop on xml security. pp. 25- 37 ,(2003) , 10.1145/968559.968563
Pierangela Samarati, Sabrina De Capitani di Vimercati, Data protection in outsourcing scenarios: issues and directions computer and communications security. pp. 1- 14 ,(2010) , 10.1145/1755688.1755690
Martin Henze, Rene Hummen, Klaus Wehrle, The Cloud Needs Cross-Layer Data Handling Annotations ieee symposium on security and privacy. pp. 18- 22 ,(2013) , 10.1109/SPW.2013.31