In-Depth Analysis and Systematic Literature Review on Risk Based Access Control in Cloud

Sadia Hussain, M. H. Islam, H. Abbas
{"title":"In-Depth Analysis and Systematic Literature Review on Risk Based Access Control in Cloud","authors":"Sadia Hussain, M. H. Islam, H. Abbas","doi":"10.5121/ijcseit.2022.12501","DOIUrl":null,"url":null,"abstract":"Security in Cloud is one of the most foremost and critical feature, which can ensure the confidence of the Scientific community on Cloud environment. With the dynamic and ever changing nature of the Cloud computing environment, static access control models become obsolete. Hence, dynamic access control models are required, which is still an emergent and underdeveloped domain in Cloud security. These models utilize not only access policies but also contextual and real-time information to determine the access decision. Out of these dynamic models the Risk-based Access control model, estimates the security risk value related to the access request dynamically to determine the access decision. The exclusive working pattern of this access control model makes it an excellent choice for dynamically changing environment that rules the cloud’s environment. This paper provides a systematic literature appraisal and evaluation of risk-based access control models to provide a detailed understanding of the topic. The contributions of selected articles have been summarized. The security risks in cloud environment have been reviewed, taking in the account of both Cloud Service Provider and Cloud Customer perspectives. Additionally, risk factors used to build the risk-based access control model were extracted and analyzed. Finally, the risk estimation techniques used to evaluate the risks of access control operations have also been identified.","PeriodicalId":394306,"journal":{"name":"International Journal of Computer Science, Engineering and Information Technology","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computer Science, Engineering and Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/ijcseit.2022.12501","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Security in Cloud is one of the most foremost and critical feature, which can ensure the confidence of the Scientific community on Cloud environment. With the dynamic and ever changing nature of the Cloud computing environment, static access control models become obsolete. Hence, dynamic access control models are required, which is still an emergent and underdeveloped domain in Cloud security. These models utilize not only access policies but also contextual and real-time information to determine the access decision. Out of these dynamic models the Risk-based Access control model, estimates the security risk value related to the access request dynamically to determine the access decision. The exclusive working pattern of this access control model makes it an excellent choice for dynamically changing environment that rules the cloud’s environment. This paper provides a systematic literature appraisal and evaluation of risk-based access control models to provide a detailed understanding of the topic. The contributions of selected articles have been summarized. The security risks in cloud environment have been reviewed, taking in the account of both Cloud Service Provider and Cloud Customer perspectives. Additionally, risk factors used to build the risk-based access control model were extracted and analyzed. Finally, the risk estimation techniques used to evaluate the risks of access control operations have also been identified.
云环境下基于风险的访问控制深入分析与系统文献综述
云环境中的安全性是云环境中最重要、最关键的特性之一,它可以确保科学界对云环境的信心。随着云计算环境的动态和不断变化的特性,静态访问控制模型变得过时了。因此,需要建立动态访问控制模型,这在云安全领域中仍然是一个新兴的、欠发达的领域。这些模型不仅利用访问策略,还利用上下文信息和实时信息来确定访问决策。在这些动态模型中,基于风险的访问控制模型动态估计与访问请求相关的安全风险值,以确定访问决策。这种访问控制模型的排他性工作模式使其成为控制云环境的动态变化环境的绝佳选择。本文对基于风险的访问控制模型进行了系统的文献评估和评价,以提供对该主题的详细理解。对所选文章的贡献进行了总结。从云服务提供商和云客户的角度分析了云环境中的安全风险。此外,对用于构建基于风险的访问控制模型的风险因素进行了提取和分析。最后,还确定了用于评估访问控制操作风险的风险估计技术。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信