Group-based Discretionary Access Control for Epidemiological Resources

Zamite, João; Domingos, Dulce; Silva, Mário J.; Santos, Carla

doi:10.1016/j.protcy.2013.12.128

Cited by 6 publications

(7 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This group will be controlled by the owner of this group, thus allowing a high level of delegation of administrative capabilities. However, this mechanism can lead to serious security problems if the owner of the group is not trustworthy . For instance, the owner of a group may change the DAC security policy by using malicious software, such as Trojan horse.…”

Section: Access Control Mechanismsmentioning

confidence: 99%

A survey on access control mechanisms for cloud computing

Sibai

Gemayel

Abdo

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Cloud computing is an Internet‐based computing where the information technology resources are provided to end users following their request. With this technology, users and businesses can access programs, storage, and application development platforms through the Internet and via the services offered by the cloud service providers (CSPs). One of the biggest obstructions in the cloud computing environment is data security. Actually, the data are dispersed across multiple machines and storage devices such as servers, computers, and various mobile devices. The uncontrolled access to these resources and data leads to many important data security risks for the end users. In this way, and in order to ensure the reliability of the cloud and the trust of the users regarding this environment, controlling access to data and resources as well as protecting and ensuring their security becomes a critical task for CSPs. In this work, we present a comprehensive review of existing access control mechanisms used in the cloud computing environment. The advantages and disadvantages of each of these models are discussed and presented along with their analysis. Also, we study the cloud requirements of these models, and we evaluate existing control mechanisms against these requirements.

show abstract

Section: Access Control Mechanismsmentioning

confidence: 99%

A survey on access control mechanisms for cloud computing

Sibai

Gemayel

Abdo

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…While assigning permissions and limitations to users, instead of working on a single user, it chooses to define groups that are controlled by the owner and introduces certain permissions and limitations to them. Of course, this situation can cause serious security leaks in the case that the owner is not trustworthy [4,61,62]. The most important feature that can cause problems with the system is that the owner can transfer his authority to someone else.…”

Section: Discretionary Access Controlmentioning

confidence: 99%

“…Another problem is the information leaks; in other words, as the control policies are determined according to desires without checking the information of the users by an owner, it does not distinguish between object or subject domains. This prevents it from being able to carry out logical comparisons [61,63]. Another important feature of the control is that it has a really high flexibility when compared to other controls [60,62].…”

Section: Discretionary Access Controlmentioning

confidence: 99%

Survey on Access Control Mechanisms in Cloud Computing

Karataş

Akbulut

2018

JCSM

View full text Add to dashboard Cite

The benefits that Internet-based applications and services have given to the end user with today's cloud computing technology are very remarkable. The distributed services instantly scaled over the Internet provided by cloud computing can be achieved by using some mechanisms in the background. It is a critical task for end users to control access to resources because lack of control often leads to security risks. In addition, this may cause systems to fail. This paper describes seven different access control mechanisms used in cloud computing platforms for different purposes. Besides, the advantages and disadvantages of various models developed from previous service-based architectures and used for cloud computing are detailed and classified. During the assessments, NIST's metrics were taken as a reference, and in the study, 109 articles from the past decade were examined. We also compared our research with the existing survey papers.

show abstract

“…Access control , through user permission definition and authorization, can ensure that only the users with legal rights can access the authorized data in the system, while unauthorized users cannot access the data (Zamite et al , 2013; Stefano et al , 2015). Access control is one of the basic security means of a database system, which can be divided into two categories, i.e.…”

Section: Introductionmentioning

confidence: 99%

“…Now, fingerprint verification (Hanene et al , 2013), face verification (Bianco, 2016), pupil verification (Villalobos-Castaldi et al , 2013) and other biometric verification become more and more mature, and most of them have been applied to user authentication. As a result, user identity authentication can be divided into single factor authentication (such as password, smart card, dynamic password and biometrics) and multifactor authentication (Bhargav-Spantzel et al , 2010) that combines multiple single factor authentications together to strengthen the security of user identity authentication. Access control , through user permission definition and authorization, can ensure that only the users with legal rights can access the authorized data in the system, while unauthorized users cannot access the data (Zamite et al , 2013; Stefano et al , 2015). Access control is one of the basic security means of a database system, which can be divided into two categories, i.e.…”

Section: Introductionmentioning

confidence: 99%

How to protect reader lending privacy under a cloud environment: a technical method

Shen

et al. 2020

LHT

View full text Add to dashboard Cite

PurposeIn this paper, the authors propose an effective mechanism for the protection of digital library readers' lending privacy under a cloud environment.Design/methodology/approachThe basic idea of the method is that for each literature circulation record, before being submitted to the untrusted cloud database of a digital library for storage, its reader number has to be encrypted strictly at a client, so as to make it unable for an attacker at the cloud to know the specific reader associated with each circulation record and thus protect readers' lending privacy. Moreover, the authors design an effective method for querying the encrypted literature circulation records, so as to ensure the accuracy and efficiency of each kind of database queries related to the encrypted reader number field of literature circulation records.FindingsFinally, both theoretical analysis and experimental evaluation demonstrate the effectiveness of the proposed methods.Originality/valueThis paper presents the first study attempt to the privacy protection of readers' literature circulations, which can improve the security of readers' lending privacy in the untrusted cloud, without compromising the accuracy and efficiency of each kind of database queries in the digital library. It is of positive significance to construct a privacy-preserving digital library platform.

show abstract

Group-based Discretionary Access Control for Epidemiological Resources

Cited by 6 publications

References 8 publications

A survey on access control mechanisms for cloud computing

A survey on access control mechanisms for cloud computing

Survey on Access Control Mechanisms in Cloud Computing

How to protect reader lending privacy under a cloud environment: a technical method

Contact Info

Product

Resources

About