Browse > Article
http://dx.doi.org/10.3745/JIPS.03.0117

A Secure Cloud Computing System by Using Encryption and Access Control Model  

Mahmood, Ghassan Sabeeh (School of Information Science and Engineering, Central South University)
Huang, Dong Jun (School of Information Science and Engineering, Central South University)
Jaleel, Baidaa Abdulrahman (Dept. of Computer Science, College of Science, University of Diyala)
Publication Information
Journal of Information Processing Systems / v.15, no.3, 2019 , pp. 538-549 More about this Journal
Abstract
Cloud computing is the concept of providing information technology services on the Internet, such as software, hardware, networking, and storage. These services can be accessed anywhere at any time on a pay-per-use basis. However, storing data on servers is a challenging aspect of cloud computing. This paper utilizes cryptography and access control to ensure the confidentiality, integrity, and proper control of access to sensitive data. We propose a model that can protect data in cloud computing. Our model is designed by using an enhanced RSA encryption algorithm and a combination of role-based access control model with extensible access control markup language (XACML) to facilitate security and allow data access. This paper proposes a model that uses cryptography concepts to store data in cloud computing and allows data access through the access control model with minimum time and cost for encryption and decryption.
Keywords
Access Control; Cloud Storage; Encryption; Security;
Citations & Related Records
연도 인용수 순위
  • Reference
1 V. C. Hu and K. A. Kent, Guidelines for Access Control System Evaluation Metrics. Gaithersburg, MD: US Department of Commerce, National Institute of Standards and Technology, 2012.
2 G. S. Mahmood, D. J. Huang, and B. A. Jaleel, "Data security protection in cloud using encryption and authentication," Journal of Computational and Theoretical Nanoscience, vol. 14, no. 4, pp. 1801-1804, 2017.   DOI
3 A. D. Keromytis and J. M. Smith, "Requirements for scalable access control and security management architectures," ACM Transactions on Internet Technology (TOIT), vol. 7, no. 2, article no. 8, 2007.
4 R. L. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems," Communications of the ACM, vol. 21, no. 2, pp. 120-126, 1978.   DOI
5 X. Yi, R. Paulet, and E. Bertino, Homomorphic Encryption and Applications. Cham: Springer, 2014.
6 D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli, "Proposed NIST standard for role-based access control," ACM Transactions on Information and System Security (TISSEC), vol. 4, no. 3, pp. 224-274, 2001.   DOI
7 J. Carretero and J. G. Blas, "Introduction to cloud computing: platforms and solutions," Cluster Computing, vol. 17, no. 4, pp. 1225-1229, 2014.   DOI
8 M. Ouedraogo, S. Mignon, H. Cholez, S. Furnell, and E. Dubois, "Security transparency: the next frontier for security research in the cloud," Journal of Cloud Computing, vol. 4, no. 1, article no. 12, 2015.
9 E. F. Coutinho, F. R. de Carvalho Sousa, P. A. L. Rego, D. G. Gomes, and J. N. de Souza, "Elasticity in cloud computing: a survey," Annals of Telecommunications, vol. 70, no. 7-8, pp. 289-309, 2015.   DOI
10 X. Liu and J. Liu, "A distributed management method in cloud computing environment," International Journal of Hybrid Information Technology, vol. 9, no. 5, pp. 371-380, 2016.
11 C. N. Hofer and G. Karagiannis, "Cloud computing services: taxonomy and comparison," Journal of Internet Services and Applications, vol. 2, no. 2, pp. 81-94, 2011.   DOI
12 S. Carlin and K. Curran, "Cloud computing security," in Pervasive and Ubiquitous Technology Innovations for Ambient Intelligence Environments. Hershey, PA: Information Science Reference, 2013, pp. 12-17.
13 G. Wang, Q. Liu, J. Wu, and M. Guo, "Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers," Computers & Security, vol. 30, no. 5, pp. 320-331, 2011.   DOI
14 W. Elsayed, T. Gaber, N. Zhang, and M. I. Moussa, "Access control models for pervasive environments: a survey," in The 1st International Conference on Advanced Intelligent System and Informatics (AISI2015). Cham: Springer, 2016, pp. 511-522.
15 E. E. Mon and T. T. Naing, "The privacy-aware access control system using attribute-and role-based access control in private cloud," in Proceedings of 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology, Shenzhen, China, 2011, pp. 447-451.
16 Y. A. Younis, K. Kifayat, and M. Merabti, "An access control model for cloud computing," Journal of Information Security and Applications, vol. 19, no. 1, pp. 45-60, 2014.   DOI
17 L. Zhou, V. Varadharajan, and M. Hitchens, "Achieving secure role-based access control on encrypted data in cloud storage," IEEE Transactions on Information Forensics and Security, vol. 8, no. 12, pp. 1947-1960, 2013.   DOI
18 D. Wei, F. Darie, and L. Shen, "Application layer security proxy for smart Grid substation automation systems," in Proceedings of 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT), Washington, DC, 2013, pp. 1-6.
19 D. Wei, Y. Lu, M. Jafari, P. M. Skare, and K. Rohde, "Protecting smart grid automation systems against cyberattacks," IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 782-795, 2011.   DOI
20 T. Zhu, W. Liu, and J. Song, "An efficient role based access control system for cloud computing," in Proceedings of 2011 IEEE 11th International Conference on Computer and Information Technology, Pafos, Cyprus, 2011, pp. 97-102.
21 B. Wang, S. Zhang, and Z. Zhang, "DRBAC based access control method in substation automation system," in Proceedings of 2008 IEEE International Conference on Industrial Technology, Chengdu, China, 2008, pp. 1-5.
22 D. Rosic, U. Novak, and S. Vukmirovic, "Role-based access control model supporting regional division in smart grid system," in Proceedings of 2013 5th International Conference on Computational Intelligence, Communication Systems and Networks, Madrid, Spain, 2013, pp. 197-201.
23 M. Y. Shabir, A. Iqbal, Z. Mahmood, and A. Ghafoor, "Analysis of classical encryption techniques in cloud computing," Tsinghua Science and Technology, vol. 21, no. 1, pp. 102-113, 2016.   DOI
24 D. E. Bell and L. J. La Padula, "Secure computer system: unified exposition and multics interpretation," MITRE Corp Bedford, MA, Report No. MTR-2997-REV-1, 1976.
25 E. J. Goh, H. Shacham, N. Modadugu, and D. Boneh, "SiRiUS: securing remote untrusted storage," in Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, 2003, pp. 131-145.
26 G. Ateniese, K. Fu, M. Green, and S. Hohenberger, "Improved proxy re-encryption schemes with applications to secure distributed storage," ACM Transactions on Information and System Security (TISSEC), vol. 9, no. 1, pp. 1-30, 2006.   DOI
27 H. Shirvani and H. Vahdat-Nejad, "Storing shared documents that are customized by users in cloud computing," Computing, vol. 98, no. 11, pp. 1137-1151, 2016.   DOI
28 X. Lei, X. Liao, X. Ma, and L. Feng, "Securely and efficiently perform large matrix rank decomposition computation via cloud computing," Cluster Computing, vol. 18, no. 2, pp. 989-997, 2015.   DOI
29 D. F. Ferraiolo, J. F. Barkley, and D. R. Kuhn, "A role-based access control model and reference implementation within a corporate intranet," ACM Transactions on Information and System Security (TISSEC), vol. 2, no. 1, pp. 34-64, 1999.   DOI
30 K. Hasebe, M. Mabuchi, and A. Matsushita, "Capability-based delegation model in RBAC," in Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, Pittsburgh, PA, 2010, pp. 109-118.