Francesco Di Cerbo, Doliére Francis Somé, L. Gomez, S. Trabelsi
{"title":"PPL v2.0:云和移动上的统一数据访问和使用控制","authors":"Francesco Di Cerbo, Doliére Francis Somé, L. Gomez, S. Trabelsi","doi":"10.1109/TELERISE.2015.9","DOIUrl":null,"url":null,"abstract":"Cloud storage is one of the most popular categories of market services. It provides an easy means for consumers to store and share their data, also in mobility through convenient apps. However, such valuable functionality raises several security concerns. Among them, the risk of sensitive information disclosure or, for professional data, the risk of compliance violations. In this paper, we propose an access and usage control framework for seamless, uniform and secure data sharing across cloud and mobile which keeps data under the control of its owner, that expresses preferences according to privacy or security needs. To our knowledge, this is the first effort addressing simultaneously and consistently cloud and mobile platforms. Our proposal offers access and usage control of managed resources relying on the security policy languages XACML and PPL (extended to make use of cloud and mobile contextual information) and on specific engines (cloud, mobile) to enforce them. A use case is presented, to illustrate the framework in action.","PeriodicalId":159844,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"PPL v2.0: Uniform Data Access and Usage Control on Cloud and Mobile\",\"authors\":\"Francesco Di Cerbo, Doliére Francis Somé, L. Gomez, S. Trabelsi\",\"doi\":\"10.1109/TELERISE.2015.9\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud storage is one of the most popular categories of market services. It provides an easy means for consumers to store and share their data, also in mobility through convenient apps. However, such valuable functionality raises several security concerns. Among them, the risk of sensitive information disclosure or, for professional data, the risk of compliance violations. In this paper, we propose an access and usage control framework for seamless, uniform and secure data sharing across cloud and mobile which keeps data under the control of its owner, that expresses preferences according to privacy or security needs. To our knowledge, this is the first effort addressing simultaneously and consistently cloud and mobile platforms. Our proposal offers access and usage control of managed resources relying on the security policy languages XACML and PPL (extended to make use of cloud and mobile contextual information) and on specific engines (cloud, mobile) to enforce them. A use case is presented, to illustrate the framework in action.\",\"PeriodicalId\":159844,\"journal\":{\"name\":\"2015 IEEE/ACM 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-05-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE/ACM 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TELERISE.2015.9\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE/ACM 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TELERISE.2015.9","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
PPL v2.0: Uniform Data Access and Usage Control on Cloud and Mobile
Cloud storage is one of the most popular categories of market services. It provides an easy means for consumers to store and share their data, also in mobility through convenient apps. However, such valuable functionality raises several security concerns. Among them, the risk of sensitive information disclosure or, for professional data, the risk of compliance violations. In this paper, we propose an access and usage control framework for seamless, uniform and secure data sharing across cloud and mobile which keeps data under the control of its owner, that expresses preferences according to privacy or security needs. To our knowledge, this is the first effort addressing simultaneously and consistently cloud and mobile platforms. Our proposal offers access and usage control of managed resources relying on the security policy languages XACML and PPL (extended to make use of cloud and mobile contextual information) and on specific engines (cloud, mobile) to enforce them. A use case is presented, to illustrate the framework in action.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
