Integrating trust with cryptographic role-based access control for secure cloud data storage

Research output: Chapter in Book/Report/Conference proceeding > Conference proceeding contribution > peer-review

22 Citations (Scopus)

Abstract

There has been a recent trend in storing data in the cloud due to the increasing amount of users' data and associated benefits such as on-demand access and scalability. Role-based access control (RBAC) provides a flexible way for data owners to manage and share their data in the cloud. To enforce the access control policies in the cloud, cryptographic RBAC schemes have been developed, which combine cryptographic techniques and access control to protect the privacy of the data in an outsourced environment. Using these cryptographic schemes, the owner of data can encrypt the data in such a way that only the users with appropriate roles as specified by a role-based access control policy can decrypt and view the data. However, these cryptographic approaches do not address the issues of trust when enforcing the access policies. The issue of trust is critical in cloud storage systems: the stored data in the cloud is secure under the assumptions that roles are properly administered by trusted authorities, roles manage the user membership in a trusted manner, and qualified users also behave in a trusted manner. In this paper, we propose a trust model to reason about and improve the security of stored data in cloud storage systems that use cryptographic RBAC schemes. The trust model provides an approach for the owners to determine the trustworthiness of individual roles in the RBAC system. The data owners can use the trust models to decide whether to store their encrypted data in the cloud for a particular role. The proposed trust model takes into account role inheritance and hierarchy in the evaluation of trustworthiness of roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust model can be integrated into a system that uses cryptographic RBAC schemes. We have also described the relevance of the proposed trust model by considering practical application scenarios and illustrated how the trust evaluations can be used to reduce the risks and enhance the quality of decision making by data owners of cloud storage services.

Original language: English
Title of host publication: Proceedings
Subtitle of host publication: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, 11th IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA-13, 12th IEEE International Conference on Ubiquitous Computing and Communications, IUCC-2013, 16-18 July 2013, Melbourne, Victoria, Australia
Place of Publication: Piscataway, NJ
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 560-569
Number of pages: 10
ISBN (Print): 9780769550220
Publication status: Published - 2013
Event: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013 - Melbourne, VIC, Australia
Duration: 16 Jul 2013 - 18 Jul 2013

Other

Other: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013
Country/Territory: Australia
City: Melbourne, VIC
Period: 16/07/13 - 18/07/13
