云计算中基于风险的访问控制

2015 International Conference on Green Computing and Internet of Things (ICGCIoT) Pub Date : 2015-10-08 DOI:10.1109/ICGCIOT.2015.7380704

H. Lakshmi, S. Namitha, Seemanthini, Satheesh Gopalan, H. A. Sanjay, K. Chandrashekaran, A. Bhaskar

{"title":"云计算中基于风险的访问控制","authors":"H. Lakshmi, S. Namitha, Seemanthini, Satheesh Gopalan, H. A. Sanjay, K. Chandrashekaran, A. Bhaskar","doi":"10.1109/ICGCIOT.2015.7380704","DOIUrl":null,"url":null,"abstract":"Cloud computing is one of the most trending technologies of today. Most of the resources we use on an everyday basis are stored online as cloud storage. Our files, which have sensitive information, are accessible on valid authentication. When we consider the large scale organizations who host several servers to store their data, we also need to consider the possibility of insider attacks. Data security and integrity is of utmost importance in any organization. Insider attacks mainly focus on exploiting this data. Our model which implements risk based access control takes into consideration several parameters that assess the individual's risk. Access is provided to the user only if his/her risk value is lesser than the threshold risk. Therefore, any possibility of insider threat such as buffer overflow and session hijacking attack is tackled before it occurs. Our model allows a maximum risk of 70% which means that even at the worst case scenario, 30% of the data is still secure. There is a huge potential for future enhancement.","PeriodicalId":400178,"journal":{"name":"2015 International Conference on Green Computing and Internet of Things (ICGCIoT)","volume":"185 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Risk based access control in cloud computing\",\"authors\":\"H. Lakshmi, S. Namitha, Seemanthini, Satheesh Gopalan, H. A. Sanjay, K. Chandrashekaran, A. Bhaskar\",\"doi\":\"10.1109/ICGCIOT.2015.7380704\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing is one of the most trending technologies of today. Most of the resources we use on an everyday basis are stored online as cloud storage. Our files, which have sensitive information, are accessible on valid authentication. When we consider the large scale organizations who host several servers to store their data, we also need to consider the possibility of insider attacks. Data security and integrity is of utmost importance in any organization. Insider attacks mainly focus on exploiting this data. Our model which implements risk based access control takes into consideration several parameters that assess the individual's risk. Access is provided to the user only if his/her risk value is lesser than the threshold risk. Therefore, any possibility of insider threat such as buffer overflow and session hijacking attack is tackled before it occurs. Our model allows a maximum risk of 70% which means that even at the worst case scenario, 30% of the data is still secure. There is a huge potential for future enhancement.\",\"PeriodicalId\":400178,\"journal\":{\"name\":\"2015 International Conference on Green Computing and Internet of Things (ICGCIoT)\",\"volume\":\"185 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-10-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Green Computing and Internet of Things (ICGCIoT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICGCIOT.2015.7380704\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Green Computing and Internet of Things (ICGCIoT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICGCIOT.2015.7380704","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 10

摘要

云计算是当今最流行的技术之一。我们日常使用的大部分资源都以云存储的形式在线存储。我们的文件包含敏感信息，可以通过有效的身份验证访问。当我们考虑拥有多台服务器来存储数据的大型组织时，我们还需要考虑内部攻击的可能性。数据安全和完整性在任何组织中都是至关重要的。内部攻击主要集中在利用这些数据。我们的模型实现了基于风险的访问控制，考虑了几个参数来评估个人的风险。只有当用户的风险值小于阈值风险时，才允许用户访问。因此，任何可能的内部威胁，如缓冲区溢出和会话劫持攻击，在发生之前就被解决了。我们的模型允许最大风险为70%，这意味着即使在最坏的情况下，30%的数据仍然是安全的。未来的改进潜力巨大。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Risk based access control in cloud computing

Cloud computing is one of the most trending technologies of today. Most of the resources we use on an everyday basis are stored online as cloud storage. Our files, which have sensitive information, are accessible on valid authentication. When we consider the large scale organizations who host several servers to store their data, we also need to consider the possibility of insider attacks. Data security and integrity is of utmost importance in any organization. Insider attacks mainly focus on exploiting this data. Our model which implements risk based access control takes into consideration several parameters that assess the individual's risk. Access is provided to the user only if his/her risk value is lesser than the threshold risk. Therefore, any possibility of insider threat such as buffer overflow and session hijacking attack is tackled before it occurs. Our model allows a maximum risk of 70% which means that even at the worst case scenario, 30% of the data is still secure. There is a huge potential for future enhancement.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 International Conference on Green Computing and Internet of Things (ICGCIoT)

自引率

0.00%

发文量