Research Area: Cloud Security
Cloud data storage has provided significant benefits by allowing users to store massive amount of data on demand in a cost-effective manner. To protect the privacy of data stored in the cloud, cryptographic role-based access control (RBAC) schemes have been developed to ensure that the data can only be accessed by those who are allowed by access policies. However, these cryptographic approaches do not address the issues of trust. In this paper, we propose trust models to reason about and to improve the security for stored data in cloud storage systems that use cryptographic RBAC schemes. The trust models provide an approach for the owners and roles to determine the trustworthiness of individual roles and users, respectively, in the RBAC system. The proposed trust models consider role inheritance and hierarchy in the evaluation of trustworthiness of roles. We present a design of a trust-based cloud storage system, which shows how the trust models can be integrated into a system that uses cryptographic RBAC schemes. We have also considered practical application scenarios and illustrated how the trust evaluations can be used to reduce the risks and to enhance the quality of decision making by data owners and roles of cloud storage service.
Keywords:
Cloud computing
Access control
Encryption
Data models
Cloud Storage
Author(s) Name: Lan Zhou; Vijay Varadharajan; Michael Hitchens
Journal name: IEEE Transactions on Information Forensics and Security
Conferrence name:
Publisher name: IEEE
DOI: 10.1109/TIFS.2015.2455952
Volume Information: Volume: 10, Issue: 11, November 2015,Page(s): 2381 - 2395
