Research Area:  Cloud Security
Cloud systems provide significant benefits by allowing users to store massive amount of data on demand in a cost-effective manner. Role-based access control (RBAC) is a well-known access control model which can be used to protect the security of cloud data storage. Although cryptographic RBAC schemes have been developed recently to secure data outsourcing, these schemes assume the existence of a trusted administrator managing all the users and roles, which is not realistic in large-scale systems. In this paper, we introduce a cryptographic administrative model AdC-RBAC for managing and enforcing access policies for cryptographic RBAC schemes. The AdC-RBAC model uses cryptographic techniques to ensure that the administrative tasks are performed only by authorised administrative roles. Then we propose a role-based encryption (RBE) scheme and show how the AdC-RBAC model decentralises the administrative tasks in the RBE scheme thereby making it practical for security policy management in large-scale cloud systems.
Keywords:  
Role-based access control
Administration
Cryptographic RBAC
Role-based encryption
Cloud computing
Data storage
Author(s) Name:  Lan Zhou, Vijay Varadharajan, Michael Hitchens
Journal name:  Journal of Computer and System Sciences
Conferrence name:  
Publisher name:  Elsevier
DOI:  10.1016/j.jcss.2014.04.019
Volume Information:  Volume 80, Issue 8, December 2014, Pages 1518-1533
Paper Link:   https://www.sciencedirect.com/science/article/pii/S0022000014000634