SecRBAC Secure data in the Clouds - 2016
Most current security solutions are based on perimeter security. However, Cloud computing breaks the organization perimeters. When data resides in the Cloud, they reside outside the organizational bounds. This leads users to a loos of management over their knowledge and raises reasonable security concerns that hamper the adoption of Cloud computing. Is the Cloud service supplier accessing the data? Is it legitimately applying the access control policy outlined by the user? This paper presents a information-centric access management resolution with enriched role-based mostly expressiveness in which security is focused on protecting user data regardless the Cloud service provider that holds it. Novel identity-based mostly and proxy re-encryption techniques are used to shield the authorization model. Information is encrypted and authorization rules are cryptographically protected to preserve user knowledge against the service provider access or misbehavior. The authorization model provides high expressiveness with role hierarchy and resource hierarchy support. The answer takes advantage of the logic formalism provided by Semantic Net technologies, that permits advanced rule management like semantic conflict detection. A proof of concept implementation has been developed and a working prototypical deployment of the proposal has been integrated inside Google services.
Did you like this research project?
To get this research project Guidelines, Training and Code... Click Here