Role-based access control to outsourced data in could computing

Sun, L., Wang, H. and Bertino, E.

    Data outsourcing is a major component for cloud computing that allows data owner to distribute resources to external services for users and organizations who can apply the resources. A crucial problem for owners is how to make sure their sensitive information accessed by legitimate users only using the trusted services but not authorized to read the actual information. We address the problem with role-based access control to enforce selective access t outsourced data without involving the owner in the access control authorization. The basic idea is to combine cryptography with authorizations, data owners assign keys to roles that will enforce access via encryption. A formal role-based access model is designed to analyse the translating an authorization policy into an equivalent encryption policy. The paper also investigates the affect of role hierarchy structure in the authorization process. The comparisions to other related work are presented. Finally the future work are introduced
Cite as: Sun, L., Wang, H. and Bertino, E. (2013). Role-based access control to outsourced data in could computing. In Proc. Database Technologies 2013 (ADC 2013) Adelaide, Australia. CRPIT, 137. Wang, H. and Zhang, R. Eds., ACS. 119-128
pdf (from pdf (local if available) BibTeX EndNote GS