Survey on Access Control Mechanisms in Cloud Computing

Abstract: The benefits that Internet-based applications and services have given to the end user with today's cloud computing technology are very remarkable. The distributed services instantly scaled over the Internet provided by cloud computing can be achieved by using some mechanisms in the background. It is a critical task for end users to control access to resources because lack of control often leads to security risks. In addition, this may cause systems to fail. This paper describes seven different access control m… Show more

“…The National Institute of Standards and Technology (NIST) proposed a set of quality metrics of AC systems [30] in 2006, which were used by [31] in 2012 to define respective evaluation properties. These metrics are also used to evaluate concepts, not only systems [32]. Properties need to The properties in [31] are grouped into four categories: administration, enforcement, performance, and support.…”

“…-Yes. The ABAC model enforces an intermediate level of the least privilege principle as access rights and constraints can be specified using attributes [32]. Thus, XACML4G supports this property the same way as for XACML.…”

“…-Yes. XACML and hence, XACML4G is based on ABAC which has high levels of SoD, because it specifies access rights in terms of attributes and assigns them to certain principles [32]. In XACML4G, this property is critical in the context of the university scenario (see "Demonstration Case") to differentiate between conflicting roles and activate only one at a time (e.g., a person with the roles professor and student).…”

“…-Yes. The ABAC model enforces safety at high levels [32]. XACML is flexible and trustable in expressing and applying constraints on subjects and resources.…”

Extended Authorization Policy for Graph-Structured Data

“…The National Institute of Standards and Technology (NIST) proposed a set of quality metrics of AC systems [30] in 2006, which were used by [31] in 2012 to define respective evaluation properties. These metrics are also used to evaluate concepts, not only systems [32]. Properties need to The properties in [31] are grouped into four categories: administration, enforcement, performance, and support.…”

“…-Yes. The ABAC model enforces an intermediate level of the least privilege principle as access rights and constraints can be specified using attributes [32]. Thus, XACML4G supports this property the same way as for XACML.…”

“…-Yes. XACML and hence, XACML4G is based on ABAC which has high levels of SoD, because it specifies access rights in terms of attributes and assigns them to certain principles [32]. In XACML4G, this property is critical in the context of the university scenario (see "Demonstration Case") to differentiate between conflicting roles and activate only one at a time (e.g., a person with the roles professor and student).…”

“…-Yes. The ABAC model enforces safety at high levels [32]. XACML is flexible and trustable in expressing and applying constraints on subjects and resources.…”

Extended Authorization Policy for Graph-Structured Data

A Model Checking Based Approach for Verification of Attribute-Based Access Control Policies in Cloud Infrastructures

Elastic Security for Autonomic Computing Using Intelligent Algorithm