AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing

Khaled Riad; Zhu Yan; Hongxin Hu; Gail-Joon Ahn

doi:10.1109/CIC.2015.38

AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing

Khaled Riad
, Zhu Yan
, Hongxin Hu
, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

21 Scopus citations

Abstract

One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.

Original language	English (US)
Title of host publication	Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	28-35
Number of pages	8
ISBN (Electronic)	9781509000890
DOIs	https://doi.org/10.1109/CIC.2015.38
State	Published - Mar 1 2016
Event	1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015 - Hangzhou, China Duration: Oct 28 2015 → Oct 30 2015

Publication series

Name	Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015

Other

Other	1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015
Country/Territory	China
City	Hangzhou
Period	10/28/15 → 10/30/15

Keywords

Access control models
Attribute based access control
Cloud computing security

ASJC Scopus subject areas

Human-Computer Interaction
Computer Networks and Communications

Access to Document

10.1109/CIC.2015.38

Cite this

Riad, K., Yan, Z., Hu, H., & Ahn, G.-J. (2016). AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. In Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015 (pp. 28-35). Article 7423062 (Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIC.2015.38

AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. / Riad, Khaled; Yan, Zhu; Hu, Hongxin et al.
Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015. Institute of Electrical and Electronics Engineers Inc., 2016. p. 28-35 7423062 (Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Riad, K, Yan, Z, Hu, H & Ahn, G-J 2016, AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. in Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015., 7423062, Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015, Institute of Electrical and Electronics Engineers Inc., pp. 28-35, 1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015, Hangzhou, China, 10/28/15. https://doi.org/10.1109/CIC.2015.38

Riad K, Yan Z, Hu H, Ahn GJ. AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. In Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015. Institute of Electrical and Electronics Engineers Inc. 2016. p. 28-35. 7423062. (Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015). doi: 10.1109/CIC.2015.38

Riad, Khaled ; Yan, Zhu ; Hu, Hongxin et al. / AR-ABAC : A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing. Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 28-35 (Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015).

@inproceedings{e82fed1af37249f494ed6fa26b810920,

title = "AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing",

abstract = "One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.",

keywords = "Access control models, Attribute based access control, Cloud computing security",

author = "Khaled Riad and Zhu Yan and Hongxin Hu and Gail-Joon Ahn",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015 ; Conference date: 28-10-2015 Through 30-10-2015",

year = "2016",

month = mar,

day = "1",

doi = "10.1109/CIC.2015.38",

language = "English (US)",

series = "Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "28--35",

booktitle = "Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015",

}

TY - GEN

T1 - AR-ABAC

T2 - 1st IEEE International Conference on Collaboration and Internet Computing, CIC 2015

AU - Riad, Khaled

AU - Yan, Zhu

AU - Hu, Hongxin

AU - Ahn, Gail-Joon

PY - 2016/3/1

Y1 - 2016/3/1

N2 - One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.

AB - One of the most important challenges that have threatened cloud computing and caused its slow adoption is security. Since clouds have diverse groups of users with different sets of security requirements, restricting the users' accesses and protecting information from unauthorized accesses have become the most difficult tasks. To address these critical challenges, in this paper we first formalize Attribute Based Access Control (ABAC) and propose a new access control model, called Attribute-Rule ABAC (AR-ABAC), for cloud computing to meet critical access control requirements in clouds. Our model supports the attribute-rules that deal with the association between users and objects, as well as the capability for accessing objects based on their sensitivity levels. The attribute-rules specify an agreement that determines what kind of attributes should be used and the number of attributes considered for making access decisions. In addition, our model ensures secure resource sharing among potential untrusted tenants and supports different access permissions to the same user at the same session.

KW - Access control models

KW - Attribute based access control

KW - Cloud computing security

UR - https://www.scopus.com/pages/publications/84964835379

UR - https://www.scopus.com/pages/publications/84964835379#tab=citedBy

U2 - 10.1109/CIC.2015.38

DO - 10.1109/CIC.2015.38

M3 - Conference contribution

T3 - Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015

SP - 28

EP - 35

BT - Proceedings - 2015 IEEE Conference on Collaboration and Internet Computing, CIC 2015

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 28 October 2015 through 30 October 2015

ER -

AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this