A dynamic solution for fine-grained policy conflict resolution

Abstract

Access control is a security technique that specifies access rights to resources in a cloud computing environment. As information in cloud systems nowadays become more complex, it plays an important role in authenticating and authorizing users and preventing an attacker from targeting sensitive information. However, in recent years, with the popularity of the Internet as social network, IoTs which deploy in cloud platforms for sharing data in real-time, more and more challenges have been exposed. For example, the access control mechanism must be able to guarantee fine-grained access control, privacy protection, conflicts and redundancies handle between rules of the same policy or between different policies. In this paper, we proposed an access control model based on attribute that incorporates a policy model based on the combining algorithm and prioritization of functions to resolve conflicts at a fine-grained level called "Dynamic model for fine-grained policy conflict resolution". Experiments are carried out to illustrate the relationship between the processing time for the traditional approach (single policy, multi-policy without priority) and our approach (multi-policy with priority). Experimental results show that the evaluation performance satisfies the privacy requirements defined by the user.