Journal:Informatica
Volume 26, Issue 2 (2015), pp. 181–198
Abstract
Abstract
This paper proposes an access control mechanism of verifiable cloud computing services using chameleon hashing and Diffie–Hellman key exchange protocol. By this mechanism, an entity can apply for cloud computing services and he can authorize other users to access granted data or services. When an authorized user or entity wants to access cloud computing services, he can authenticate the cloud computing service provider. Moreover, no entity secret will be revealed by data kept by cloud servers such that security and cost saving can be both ensured. Security proof under the simulation paradigm is also given.
Journal:Informatica
Volume 19, Issue 4 (2008), pp. 517–534
Abstract
In this paper, we present a novel fine-grained access control system for applications where the information flow is critical; the confidentiality of the data is essential and there are a huge number of users who access different portions of an XML document as in military applications. We combine MAC and RBACK models for XML for use in the mentioned type of applications. In accordance with the peculiarities of the target applications, the access control model is structured in such a way that the implementation can be done efficiently for large number of users. In the system presented, instead of using access control lists, we use a security labeling approach in defining the grant rules. By combining the advantages of role-based and mandatory access control schemes, the access control system presented provides a fine-grained, flexible and effective access for applications where the confidentiality of data is crucial. The system is implemented and tested for correctness. Performance analysis is also given.