An ABAC Based Policy Definement for Enriching Access Control in Cloud

Authors

  • Yagnik A. Rathod  Research Scholar, Computer/IT Engineering, Gujarat Technological University, Ahmedabad, Gujarat, India
  • Dr. Chetan B. Kotwal  Professor & Head, Electrical Engineering Department, SVIT, Vasad, Gujarat, India
  • Dr. Sohil D. Pandya  Assistant Professor and Head, MCA Department, SVIT, Vasad, Gujarat, India

DOI:

https://doi.org/10.32628/CSEIT2062125

Keywords:

Cloud Computing, ABAC, IAM

Abstract

Cloud computing has become the most preferable solution for satisfying the various requirements of organizations and institutions. Different types of cloud, such as IaaS, PaaS and SaaS, make the cloud capable of fulfilling clients' different kinds of needs, such as computer processing power, storage space, databases, software, applications and web-based solutions. Cloud computing can also be useful and worthwhile in providing certain customized solutions that enhance the capability of legacy systems in terms of effectiveness, reliability and optimization by replicating the environment to a satisfactory extent. Providing adequate security solutions for the cloud is still a challenging task, and the access control mechanism is one of the domains that demands significant attention in the mission of securing clouds. In this paper, our work primarily focuses on defining ABAC components, mapping functions and access control policies composed of access rules. Amazon Web Services (AWS) is one of the most prominent cloud providers. Identity and Access Management (IAM) and Amazon S3 are the access management and storage facilities of AWS, respectively. ABAC-based access policies are attached to the user and storage components for authorization.

Published

2019-02-28

Section

Research Articles

How to Cite

[1]
Yagnik A. Rathod, Dr. Chetan B. Kotwal, Dr. Sohil D. Pandya, "An ABAC Based Policy Definement for Enriching Access Control in Cloud", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN: 2456-3307, Volume 5, Issue 1, pp. 586-592, January-February 2019. Available at doi: https://doi.org/10.32628/CSEIT2062125