• Complex
  • Title
  • Keyword
  • Abstract
  • Scholars
  • Journal
  • ISSN
  • Conference
搜索

Author:

Lin, Li (Lin, Li.) | Hu, Jian (Hu, Jian.) | Zhang, Jianbiao (Zhang, Jianbiao.) (Scholars:张建标)

Indexed by:

EI Scopus SCIE CSCD

Abstract:

Combining different independent cloud services must coordinate their access control policies. Otherwise unauthorized access to composite cloud service can occur when there's a conflict among different cloud service providers' access control policies, and then it will bring serious data security and privacy issues. In this paper, we propose Packet, a novel access control policy composition method that can detect and resolve policy conflicts in cloud service composition, including those conflicts related to privacyaware purposes and conditions. The Packet method is divided into four steps. First, employing a unified description, heterogeneous policies are transformed into a unified attributebased format. Second, to improve the conflict detection efficiency, policy conflicts on the same resource can be eliminated by adopting cosine similarity-based algorithm. Third, exploiting a hierarchical structure approach, policy conflicts related to different resources or privacy-aware purposes and conditions can be detected. Fourth, different conflict resolution techniques are presented based on the corresponding conflict types. We have successfully implemented the Packet method in Openstack platform. Comprehensive experiments have been conducted, which demonstrate the effectiveness of the proposed method by the comparison with the existing XACML-based system at conflict detection and resolution performance.

Keyword:

conflict detection privacy unified policy format similarity analysis conflict resolution policy composition access control cloud service composition

Author Community:

  • [ 1 ] [Lin, Li]Beijing Univ Technol, Coll Comp Sci, Beijing 100124, Peoples R China
  • [ 2 ] [Hu, Jian]Beijing Univ Technol, Coll Comp Sci, Beijing 100124, Peoples R China
  • [ 3 ] [Zhang, Jianbiao]Beijing Univ Technol, Coll Comp Sci, Beijing 100124, Peoples R China
  • [ 4 ] [Lin, Li]Beijing Key Lab Trusted Comp, Beijing 100124, Peoples R China
  • [ 5 ] [Hu, Jian]Beijing Key Lab Trusted Comp, Beijing 100124, Peoples R China
  • [ 6 ] [Zhang, Jianbiao]Beijing Key Lab Trusted Comp, Beijing 100124, Peoples R China
  • [ 7 ] [Lin, Li]Natl Engn Lab Classified Informat Secur Protect, Beijing 100124, Peoples R China
  • [ 8 ] [Zhang, Jianbiao]Natl Engn Lab Classified Informat Secur Protect, Beijing 100124, Peoples R China

Reprint Author's Address:

  • [Lin, Li]Beijing Univ Technol, Coll Comp Sci, Beijing 100124, Peoples R China;;[Lin, Li]Beijing Key Lab Trusted Comp, Beijing 100124, Peoples R China;;[Lin, Li]Natl Engn Lab Classified Informat Secur Protect, Beijing 100124, Peoples R China

Show more details

Related Keywords:

Related Article:

Source :

FRONTIERS OF COMPUTER SCIENCE

ISSN: 2095-2228

Year: 2016

Issue: 6

Volume: 10

Page: 1142-1157

4 . 2 0 0

JCR@2022

ESI Discipline: COMPUTER SCIENCE;

ESI HC Threshold:167

CAS Journal Grade:4

Cited Count:

WoS CC Cited Count: 9

SCOPUS Cited Count: 10

ESI Highly Cited Papers on the List: 0 Unfold All

WanFang Cited Count:

Chinese Cited Count:

30 Days PV: 8

Online/Total:536/10798959
Address:BJUT Library(100 Pingleyuan,Chaoyang District,Beijing 100124, China Post Code:100124) Contact Us:010-67392185
Copyright:BJUT Library Technical Support:Beijing Aegean Software Co., Ltd.