A formal specification approach of Privacy-aware Attribute Based Access Control (Pa-ABAC) model for cloud computing

2016 Third International Conference on Systems of Collaboration (SysCo) Pub Date : 2016-11-01 DOI:10.1109/SYSCO.2016.7831324

M. Ed-Daibouni, A. Lebbat, S. Tallal, H. Medromi

{"title":"A formal specification approach of Privacy-aware Attribute Based Access Control (Pa-ABAC) model for cloud computing","authors":"M. Ed-Daibouni, A. Lebbat, S. Tallal, H. Medromi","doi":"10.1109/SYSCO.2016.7831324","DOIUrl":null,"url":null,"abstract":"The ability to share services and information between departments, partners, customers and other stakeholders of the company's ecosystem is one of the major advantages of cloud computing. The effective deployment of a cloud must be built around the secure and efficient management of user access to resources and data protection against unauthorized disclosure. The Privacy element concerned the protection of the Personal Information Identity (PII) against unauthorized disclosures, which is considered a critical requirement for many enterprises. The traditional access control models that are identity based does not support the privacy requirements and inflexible. In this paper, we propose a new model called Privacy-aware Attribute Based Access Control (Pa-ABAC), the extension of the Attribute Based Access Control (ABAC) model, to express privacy requirements. Our objective is to formally specify the behavior of different elements of the proposed model in a cloud environment. This is very important to develop a valid security policy for a cloud environment free from specification errors and inconsistencies.","PeriodicalId":328833,"journal":{"name":"2016 Third International Conference on Systems of Collaboration (SysCo)","volume":"282 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 Third International Conference on Systems of Collaboration (SysCo)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYSCO.2016.7831324","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

The ability to share services and information between departments, partners, customers and other stakeholders of the company's ecosystem is one of the major advantages of cloud computing. The effective deployment of a cloud must be built around the secure and efficient management of user access to resources and data protection against unauthorized disclosure. The Privacy element concerned the protection of the Personal Information Identity (PII) against unauthorized disclosures, which is considered a critical requirement for many enterprises. The traditional access control models that are identity based does not support the privacy requirements and inflexible. In this paper, we propose a new model called Privacy-aware Attribute Based Access Control (Pa-ABAC), the extension of the Attribute Based Access Control (ABAC) model, to express privacy requirements. Our objective is to formally specify the behavior of different elements of the proposed model in a cloud environment. This is very important to develop a valid security policy for a cloud environment free from specification errors and inconsistencies.

查看原文本刊更多论文

基于隐私感知属性的云计算访问控制(Pa-ABAC)模型的形式化规范方法

在部门、合作伙伴、客户和公司生态系统的其他利益相关者之间共享服务和信息的能力是云计算的主要优势之一。有效的云部署必须围绕安全有效地管理用户对资源的访问和保护数据以防止未经授权的披露来构建。隐私元素涉及保护个人信息标识(PII)，防止未经授权的披露，这被认为是许多企业的关键需求。传统的基于身份的访问控制模型不支持隐私要求，而且缺乏灵活性。本文在基于属性的访问控制(ABAC)模型的基础上，提出了一种新的隐私感知属性访问控制(Pa-ABAC)模型来表达隐私需求。我们的目标是正式指定云环境中所建议模型的不同元素的行为。这对于为没有规范错误和不一致的云环境开发有效的安全策略非常重要。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 Third International Conference on Systems of Collaboration (SysCo)

自引率

0.00%

发文量