Font Size: a A A

Research On Attribute-based Access Control Model In Cloud Computing

Posted on:2015-08-07Degree:MasterType:Thesis
Country:ChinaCandidate:Q X LiuFull Text:PDF
GTID:2308330482457180Subject:Electronic and communication engineering
Abstract/Summary:
With the increasing popularity of cloud computing services, the research of cloud computing also increasing gradually, but it also reveals more security risk of cloud computing. In this paper, A C-ABAC model is proposed for cross-system cloud computing. The model involves both characteristics of cloud services and the idea of Next Generation Access Control (NGAC).The C-ABAC model introduces Virtual Objects, Policy Store& Administration Point and Cross System Point. In this paper C-ABAC model is formally defined. The attributes of C-ABAC is defined according to classification. A few concepts including attribute, Attribute Hierarchy, context, reputation, collaboration level are introduced. The new concepts increase both the complexity and diversity of the C-ABAC model.The self-management of attribute includes creating attribute, attribute upload, attribute update, attribute delete. The attribute migration of C-ABAC according to the collaboration level and double attribute authority solve consistency problem during cross system access.Then, C-ABAC model uses error-free model checking techniques for the verification of security properties in attribute migration. Two mechanism of reputation evaluation mechanism realize safety inter-operation of the C-ABAC model in cross system access.At Last, we apply C-ABAC model for health management cloud service and realize it with XACML 3.0. Then we compare the time for PDP with and without reputation.
Keywords/Search Tags:Access Control, Attributes, Cloud Computing, XACML, C-ABAC
Related items