International Journal of Computer
Trends and Technology

Research Article | Open Access | Download PDF

Volume 4 | Issue 3 | Year 2013 | Article Id. IJCTT-V4I3P123 | DOI : https://doi.org/10.14445/22312803/IJCTT-V4I3P123

Security and Access Control Evaluation for Cloud Data Centers

P.Balasubramanian

Citation :

P.Balasubramanian, "Security and Access Control Evaluation for Cloud Data Centers," International Journal of Computer Trends and Technology (IJCTT), vol. 4, no. 3, pp. 311-315, 2013. Crossref, https://doi.org/10.14445/22312803/IJCTT-V4I3P123

Abstract

Cloud computing is a computing paradigm that enables highly scalable services to be consumed over the Internet on a shared basis. Cloud service providers place data in data centers which is distributed as shared data to the users. Users’ data are usually processed remotely in unknown machines that users do not ownership. Centralized monitoring applications are not suitable in the cloud environment and hence data access is provided on a shared basis by cloud service providers. These shared data values are monitored by different cloud auditing schemes. Cloud Information Accountability is an efficient framework for this auditing. This combines the data aspects of access control, usage control and authentication. CIA uses JAR( Java Archives) files for auditing functionality. Two modes of auditing are push mode and pull mode. The push mode refers to logs that are sent to the data owner in a periodic fashion. The pull mode refers to the scenario wherein any authorized person can access the logs when needed. JAR files log the data values in a periodic manner. These data are sent along with access control policies and logging policies enclosed in JAR files, to cloud service providers. When the data are accessed by any external entity, logging mechanism is automatically triggered. In the proposed system, JAR authentication is provided and JRE integration verification is also provided. The CIA model is enhanced with authentication and integrity analysis models. It is a platform independent accountability management model.

Keywords

Cloud computing, accountability, auditing, data sharing, JAR files, Cloud Information Accountability.

References

[1] A.Pretschner, F. Schuo¨ tz, C. Schaefer, and T. Walter, “Policy Evolution in Distributed Usage Control,” Electronic Notes Theoretical Computer Science, vol. 244, pp. 109-123, 2009.
[2] S. Pearson and A. Charlesworth, “Accountability as a Way Forward for Privacy Protection in the Cloud,” Proc.First Int’l Conf. Cloud Computing, 2009.
[3] SmithaSundareswaran, Anna C. Squicciarini, and Dan Lin, “Ensuring Distributed Accountability for Data Sharing in the Cloud”.IEEE Transactions on Dependable And Secure Computing, Vol. 9, No. 4, July/August 2012.
[4] Chun and A.C. Bavier, “Decentralized Trust Management and Accountability in  Systems,” Proc. Ann. Hawaii Int’l Conf. System Sciences (HICSS), 2004.
[5] M.C. Mont, S. Pearson, and P. Bramhall, “Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services,” Proc. Int’l Workshop Database and Expert Systems Applications (DEXA), pp. 377-382, 2003.
[6] M. Xu, X. Jiang, R. Sandhu, and X. Zhang, “Towards a VMMBased Usage Control Framework for OS Kernel Integrity Protection,” SACMAT ‘07: Proc. 12th ACM Symp. Access Control Models and Technologies, pp. 71-80, 2007.
[7] P. Buneman, A. Chapman, and J. Cheney, “Provenance Management in Curated Databases,” Proc. ACM SIGMOD Int’l Conf. Management of Data (SIGMOD ’06), pp. 539-550, 2006.
[8] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, “Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing,” Proc. European Conf. Research in Computer Security (ESORICS), pp. 355370, 2009.
[9] R. Corin, S. Etalle, J.I. den Hartog, G. Lenzini, and I. Staicu, “A Logic for Auditing Accountability in Decentralized Systems,” Proc. IFIP TC1 WG1.7 Workshop Formal Aspects in Security and Trust, pp. 187-201, 2005.
[10] RagibHasan, RaduSion and Marianne Winslett, “Preventing History Forgery with Secure Provenance”, May 24, 2009.
[11] S. Etalle and W.H. Winsborough, “A Posteriori Compliance Control,” SACMAT ’07: Proc. 12th ACM Symp. Access Control Models and Technologies, pp. 11-20, 2007.
[12] S. Pearson, Y. Shen, and M. Mowbray, “A Privacy Manager for Cloud Computing,” Proc. Int’l Conf. Cloud Computing (CloudCom), pp. 90106, 2009.