Access control has come a
long way since the 1960s. With the advent of technologies that provide
location transparency in data storage, different access control scenarios
arise. Cloud storage, the predominant form of storage currently in use,
also gives rise to various access control problems. Although there are
various access control mechanisms such as RBAC and ABAC, they are designed from
the user's perspective, for example the role held by the user or other attributes
assigned to the user. A new access control mechanism called object relationship
based access control (RoBAC) has been developed based on the relations held
among the users. The policy decision of access control is based on the
relationship among the classes followed in Java programming. Results
show that this model best suits various scenarios in the cloud environment,
and that the time taken to make an allow or deny decision
is reduced compared to the existing system.