A trust management framework for secure cloud data storage using cryptographic role-based access control

Lan Zhou*, Vijay Varadharajan, Michael Hitchens

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

In recent times, there has been an increasing development of storing data securely in the cloud. The Role-based access control (RBAC) model, a widely used access control model, can provide a flexible way for data owners to manage and share their data in the cloud environment. To enforce the access control policies in the cloud, several cryptographic RBAC schemes have been proposed recently, which integrate cryptographic techniques with RBAC models to secure data storage in an outsourced environment such as a cloud. However, these schemes do not address the issue of trust in such a data storage system. In this paper, we introduce a trust management framework which can enhance the security of data in cloud storage systems using cryptographic RBAC schemes. The trust management framework provides an approach for each party in such a cloud storage system to determine the trustworthiness of other parties. The framework consists of a series of trust models, which (i) enable the users and the data owners to decide whether to interact with a particular role for accessing and sharing data in the system and (ii) allow the role managers to evaluate the trustworthiness of users and data owners. These trust models take into account role inheritance and hierarchy in the evaluation of trustworthiness of the roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust models for users and roles can be integrated into a system that uses cryptographic RBAC schemes.

Original languageEnglish
Title of host publicationE-Business and Telecommunications
Subtitle of host publicationInternational Joint Conference, ICETE 2013, Reykjavik, Iceland, July 29-31, 2013 Revised Selected Papers
EditorsMohammad S. Obaidat, Joaquim Filipe
Place of PublicationHeidelberg
PublisherSpringer, Springer Nature
Pages226-251
Number of pages26
ISBN (Electronic)9783662447888
ISBN (Print)9783662447871
DOIs
Publication statusPublished - 2014
Event10th International Joint Conference on E-Business and Telecommunications, ICETE 2013 - Reykjavik, Iceland
Duration: 29 Jul 201331 Jul 2013

Publication series

NameCommunications in Computer and Information Science
Volume456
ISSN (Print)1865-0929
ISSN (Electronic)1865-0937

Conference

Conference10th International Joint Conference on E-Business and Telecommunications, ICETE 2013
Country/TerritoryIceland
CityReykjavik
Period29/07/1331/07/13

Keywords

  • Cryptographic
  • RBAC
  • Role-based access control
  • Trust model

Fingerprint

Dive into the research topics of 'A trust management framework for secure cloud data storage using cryptographic role-based access control'. Together they form a unique fingerprint.

Cite this