Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (5): 313-319.doi: 10.11896/jsjkx.200400013

• Information Security • Previous Articles     Next Articles

Attribute Access Control Based on Dynamic User Trust in Cloud Computing

PAN Rui-jie, WANG Gao-cai, HUANG Heng-yi   

  1. School of Computer and Electronic Information,Guangxi University,Nanning 530004,China
  • Received:2020-04-07 Revised:2020-07-15 Online:2021-05-15 Published:2021-05-09
  • About author:PAN Rui-jie,born in 1993,postgra-duate.Her main research interests include network security and so on.(3035596023@qq.com)
    WANG Gao-cai,born in 1976,Ph.D,professor,Ph.D supervisor,is a member of China Computer Federation.His main research interests include compu-ter network,system performance evaluation and random method.
  • Supported by:
    National Natural Science Foundation of China(61562006) and Natural Science Foundation of Guangxi,China(2016GXNSFBA380181).

PDF (PC)

682

Abstract: In order to facilitate the management of resources in the cloud,the cloud computing environment is usually divided into logically independent security management domains,but there is a hidden danger in the loss of resources' physical boundary protection.Access control is one of the key technologies to solve this security problem.Aiming at the characteristic of multiple domains of cloud computing environment,this paper proposes an access control model (CT-ABAC) based on dynamic user trust to reduce the impact of malicious recommendations in the security domain and reduce the number of malicious users' visits.In the CT-ABAC model,an access request consists of subject attributes,object attributes,permission attributes,environment attributes,and user trust attributes.A dynamic fine-grained authorization mechanism is used to deny or allow this access based on the user'saccess request attribute set.At the same time,this model extends the attribute of user trust,and considers the impact of time,similarity between security domains,and penalty mechanisms on this attribute.Simulation results show that the proposed model can effectively reduce the malicious access of users and improve the success rate of trusted users.

Key words: Access control, Attribute, Cloud computing, Muti-domain, Trust

CLC Number: 

  • TP393
[1]SIBAI R E,GEMAYEL N,ABDO J B,et al.A survey on access control mechanisms for cloud computing[J].Transactions on Emerging Telecommunications Technologies,2019,31(2):1-21.
[2]ZHANG P,SHI N F,JIANG H.A New Research of Delegation Agent Model Based On RBAC[C]//The 3rd International Conference on Wireless Communication and Sensor Networks.Pa-ries:Atlantis Press,2016:15-18.
[3]RIVERA S Y K,DEMURJIAN S A,BAIHAN M S.A service-based RBAC & MAC approach incorporated into the FHIR standard[J].Digital Communications and Networks,2019,5(4):214-225.
[4]LACEY-BARNACLE M,ROBISON R,FOULDS C.Energy justice in the developing world:a review of theoretical frameworks,key research themes and policy implications[J].Energy for Sustainable Devlelopment,2020,2020(55):122-138.
[5]SERVOS D,OSBORN S L.Current Research and Open Problems in Attribute-Based Access Control[J].ACM Computing Surveys,2017,2017(65):1-45.
[6]JAMES B D.A generalized temporal role based access control model for developing secure systems [D].Indiana:Purdue University,2013.
[7]RANISE S,TRUONG A,VIGANÒ L.Automated Analysis ofRBAC Policies withTemporal Constraints and Static Role Hierarchies[C]//The 30th Annual ACM Symposium.New York:ACM,2015:2177-2184.
[8]JIANG J G,YUAN X B,MAO R.Research on Role Mining Algorithms in RBAC[C]//The 2nd High Performance Computing and Cluster Technologies.New York:ACM,2018:1-5.
[9]BISWAS P,SANDHU R,KRISHNAN R.Label-Based AccessControl:An ABAC Model with Enumerated Authorization Policy[C]//ACM International Workshop on Attribute Based Access Control,New York:ACM,2016:1-12.
[10]BHATT S,PATWA F,SANDHU R.ABAC with group attributes and attribute hierarchies utilizing the policy machine[C]//The 2nd ACM Workshop on Attribute-Based Access Control.New Yorck:ACM,2017:17-28.
[11]MUHAMMAD U A,QIN G Z.Role-Based ABAC Model forImplementing Least Privileges[C]//The 8th International Conference on Software and Computer Applications.New York:ACM,2019:467-471.
[12]DAS S,SURAL S,VAIDYA J,et al.Policy Adaptation in Hie-rarchical Attribute-Based Access Control Systems[J].ACM transactions on Internet technology.2019,19(40):1-24.
[13]XIE R N,LI H,SHI G Z.Lightweight and reconfigurable access control strategy based on attributes[J].Journal of Communications,2020,41(2):112-122.
[14]HUANG L Y,XIONG G W.A Trust-role Access Control Model Facing Cloud Computing[C]//The 35th Chinese Control Conference.New York:IEEE,2016:5239-5242.
[15]LI X.Access Control Strategy Based on Trust under CloudComputing Platform[C]//International Conference on Virtual Reality and Intelligent Systems.New York:IEEE,2018:327-330.
[16]UIKEY C,BHILARE D S.TrustRBAC:Trust role based access control model in multi-domain cloud environments[C]//IEEE,International Conference on Information,Communication,Instrumentation and Control.New York:IEEE,2017:1-7.
[17]GHAFOORIAN M,ABBASINEZHAD-MOOD D,SHAKERIH.A Thorough Trust and Reputation Based RBACModel for Secure Data Storage in the Cloud[C]//IEEETransactions on Parallel and Distributed Systems.New York:IEEE,2018:1-12.
[18]ZHAO Z Y,SUN L.Attribute-based Access Control with Dynamic Trust in a Hybrid Cloud Computing Environment[C]//International Conference on Cryptography,Security and Privacy.New York:ACM,2017:112-118.
[19]HU V C,FERRAIOLO D,KUHN R,et al.Guide to Attribute Based Access Control(ABAC) Definition and Considerations:800-162 [S].U.S.Department of Commerce:National Institute of Standards and Technology,2014.
[20]DANIEL S,OSBORN S.Current Research and Open Problems in Attribute-Based Access Control[J].ACM Computing Surveys,2017(65):1-45.
[21]WU C Q,HUANG R N.Research on Access Control ModelBased on Dynamic Linear Correlation[J].Computer Science,2015,42(9):94-106.
[22]LI D Q,GUO R M.An Improved Trust Mechanism Based on the Similarity[C]//National Conference on Electrical.Paries:Atlantis Press,2015:722-728.
[23]LI X Y,GUI X L.Cognitive Model of Dynamic Trust Forecasting[J].Journal of Software,2010,21(1):163-176.
[1] GUO Peng-jun, ZHANG Jing-zhou, YANG Yuan-fan, YANG Shen-xiang. Study on Wireless Communication Network Architecture and Access Control Algorithm in Aircraft [J]. Computer Science, 2022, 49(9): 268-274.
[2] CHEN Jing, WU Ling-ling. Mixed Attribute Feature Detection Method of Internet of Vehicles Big Datain Multi-source Heterogeneous Environment [J]. Computer Science, 2022, 49(8): 108-112.
[3] YUAN Hao-nan, WANG Rui-jin, ZHENG Bo-wen, WU Bang-yan. Design and Implementation of Cross-chain Trusted EMR Sharing System Based on Fabric [J]. Computer Science, 2022, 49(6A): 490-495.
[4] CAI Xiao-juan, TAN Wen-an. Improved Collaborative Filtering Algorithm Combining Similarity and Trust [J]. Computer Science, 2022, 49(6A): 238-241.
[5] YU Ai-xin, FENG Xiu-fang, SUN Jing-yu. Social Trust Recommendation Algorithm Combining Item Similarity [J]. Computer Science, 2022, 49(5): 144-151.
[6] YANG Zhen, HUANG Song, ZHENG Chang-you. Study on Crowdsourced Testing Intellectual Property Protection Technology Based on Blockchain and Improved CP-ABE [J]. Computer Science, 2022, 49(5): 325-332.
[7] WANG Zi-yin, LI Lei-jun, MI Ju-sheng, LI Mei-zheng, XIE Bin. Attribute Reduction of Variable Precision Fuzzy Rough Set Based on Misclassification Cost [J]. Computer Science, 2022, 49(4): 161-167.
[8] WANG Zhi-cheng, GAO Can, XING Jin-ming. Three-way Approximate Reduction Based on Positive Region [J]. Computer Science, 2022, 49(4): 168-173.
[9] YANG Xiao-yu, YIN Kang-ning, HOU Shao-qi, DU Wen-yi, YIN Guang-qiang. Person Re-identification Based on Feature Location and Fusion [J]. Computer Science, 2022, 49(3): 170-178.
[10] GAO Shi-yao, CHEN Yan-li, XU Yu-lan. Expressive Attribute-based Searchable Encryption Scheme in Cloud Computing [J]. Computer Science, 2022, 49(3): 313-321.
[11] YANG Yu-li, LI Yu-hang, DENG An-hua. Trust Evaluation Model of Cloud Manufacturing Services for Personalized Needs [J]. Computer Science, 2022, 49(3): 354-359.
[12] XIAO Kang, ZHOU Xia-bing, WANG Zhong-qing, DUAN Xiang-yu, ZHOU Guo-dong, ZHANG Min. Review Question Generation Based on Product Profile [J]. Computer Science, 2022, 49(2): 272-278.
[13] GUO Xian, WANG Yu-yue, FENG Tao, CAO Lai-cheng, JIANG Yong-bo, ZHANG Di. Blockchain-based Role-Delegation Access Control for Industrial Control System [J]. Computer Science, 2021, 48(9): 306-316.
[14] LI Yan, FAN Bin, GUO Jie, LIN Zi-yuan, ZHAO Zhao. Attribute Reduction Method Based on k-prototypes Clustering and Rough Sets [J]. Computer Science, 2021, 48(6A): 342-348.
[15] WANG Zheng, JIANG Chun-mao. Cloud Task Scheduling Algorithm Based on Three-way Decisions [J]. Computer Science, 2021, 48(6A): 420-426.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.