{"title":"在云中启用约束和动态预防性访问控制策略实施","authors":"S. Fugkeaw, Hiroyuki Sato","doi":"10.1109/ARES.2015.33","DOIUrl":null,"url":null,"abstract":"Existing access control solutions applying Cipher text Policy Attribute based Encryption (CP-ABE) scheme usually rely on the static access enforcement based on the access control policy. In real-world scenario, the static pattern of access control policy may not be sufficient to effectively respond the security problems or advanced access control requirements. In this paper, we enhance our collaborative access control model: C-CP-ARBE, to be capable to support a more rigorous access control with security constraints and preventive access policy (PAP) enforcement feature. To this end, we design constraints specification model and PAP enforcement scheme in multi-authority cloud storage systems. We employ Multi-Agent System (MAS) to automate the authentication and authorization function as well as to increase the performance of overall cryptographic processes. As of MAS concept, the scalability and separation of security functions of our access control system are enhanced. Finally, we present the experiments to demonstrate the improved efficiency and practicality of our proposed scheme.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"150 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Enabling Constraints and Dynamic Preventive Access Control Policy Enforcement in the Cloud\",\"authors\":\"S. Fugkeaw, Hiroyuki Sato\",\"doi\":\"10.1109/ARES.2015.33\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Existing access control solutions applying Cipher text Policy Attribute based Encryption (CP-ABE) scheme usually rely on the static access enforcement based on the access control policy. In real-world scenario, the static pattern of access control policy may not be sufficient to effectively respond the security problems or advanced access control requirements. In this paper, we enhance our collaborative access control model: C-CP-ARBE, to be capable to support a more rigorous access control with security constraints and preventive access policy (PAP) enforcement feature. To this end, we design constraints specification model and PAP enforcement scheme in multi-authority cloud storage systems. We employ Multi-Agent System (MAS) to automate the authentication and authorization function as well as to increase the performance of overall cryptographic processes. As of MAS concept, the scalability and separation of security functions of our access control system are enhanced. Finally, we present the experiments to demonstrate the improved efficiency and practicality of our proposed scheme.\",\"PeriodicalId\":331539,\"journal\":{\"name\":\"2015 10th International Conference on Availability, Reliability and Security\",\"volume\":\"150 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 10th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2015.33\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2015.33","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enabling Constraints and Dynamic Preventive Access Control Policy Enforcement in the Cloud
Existing access control solutions applying Cipher text Policy Attribute based Encryption (CP-ABE) scheme usually rely on the static access enforcement based on the access control policy. In real-world scenario, the static pattern of access control policy may not be sufficient to effectively respond the security problems or advanced access control requirements. In this paper, we enhance our collaborative access control model: C-CP-ARBE, to be capable to support a more rigorous access control with security constraints and preventive access policy (PAP) enforcement feature. To this end, we design constraints specification model and PAP enforcement scheme in multi-authority cloud storage systems. We employ Multi-Agent System (MAS) to automate the authentication and authorization function as well as to increase the performance of overall cryptographic processes. As of MAS concept, the scalability and separation of security functions of our access control system are enhanced. Finally, we present the experiments to demonstrate the improved efficiency and practicality of our proposed scheme.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
