11 Citations (Scopus)

Abstract

One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages28-35
Number of pages8
ISBN (Print)9781509000890
DOIs
StatePublished - Mar 1 2016
Event1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015 - Hangzhou, China
Duration: Oct 28 2015Oct 30 2015

Other

Other1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015
CountryChina
CityHangzhou
Period10/28/1510/30/15

Fingerprint

Cloud computing
Access control

Keywords

  • Access control models
  • Attribute based access control
  • Cloud computing security

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Computer Networks and Communications

Cite this

Riad, K., Yan, Z., Hu, H., & Ahn, G-J. (2016). AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. In Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015 (pp. 28-35). [7423062] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIC.2015.38

AR-ABAC : A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. / Riad, Khaled; Yan, Zhu; Hu, Hongxin; Ahn, Gail-Joon.

Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015. Institute of Electrical and Electronics Engineers Inc., 2016. p. 28-35 7423062.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Riad, K, Yan, Z, Hu, H & Ahn, G-J 2016, AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. in Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015., 7423062, Institute of Electrical and Electronics Engineers Inc., pp. 28-35, 1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015, Hangzhou, China, 10/28/15. https://doi.org/10.1109/CIC.2015.38
Riad K, Yan Z, Hu H, Ahn G-J. AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. In Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015. Institute of Electrical and Electronics Engineers Inc. 2016. p. 28-35. 7423062 https://doi.org/10.1109/CIC.2015.38
Riad, Khaled ; Yan, Zhu ; Hu, Hongxin ; Ahn, Gail-Joon. / AR-ABAC : A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 28-35
@inproceedings{8d00c66be6fc4c87abf0ccae6f7c2d4b,
title = "AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing",
abstract = "One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.",
keywords = "Access control models, Attribute based access control, Cloud computing security",
author = "Khaled Riad and Zhu Yan and Hongxin Hu and Gail-Joon Ahn",
year = "2016",
month = "3",
day = "1",
doi = "10.1109/CIC.2015.38",
language = "English (US)",
isbn = "9781509000890",
pages = "28--35",
booktitle = "Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - AR-ABAC

T2 - A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing

AU - Riad, Khaled

AU - Yan, Zhu

AU - Hu, Hongxin

AU - Ahn, Gail-Joon

PY - 2016/3/1

Y1 - 2016/3/1

N2 - One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.

AB - One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.

KW - Access control models

KW - Attribute based access control

KW - Cloud computing security

UR - http://www.scopus.com/inward/record.url?scp=84964835379&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84964835379&partnerID=8YFLogxK

U2 - 10.1109/CIC.2015.38

DO - 10.1109/CIC.2015.38

M3 - Conference contribution

SN - 9781509000890

SP - 28

EP - 35

BT - Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -