Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
Multi-Terminal Binary Decision Diagrams: An Efficient DataStructure for Matrix Representation
Formal Methods in System Design
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
Efficient comparison of enterprise privacy policies
Proceedings of the 2004 ACM symposium on Applied computing
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!
Proceedings of the eleventh ACM symposium on Access control models and technologies
Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
A cooperative internet backup scheme
ATEC '03 Proceedings of the annual conference on USENIX Annual Technical Conference
An approach to evaluate policy similarity
Proceedings of the 12th ACM symposium on Access control models and technologies
A simple and expressive semantic framework for policy composition in access control
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Provable data possession at untrusted stores
Proceedings of the 14th ACM conference on Computer and communications security
An algebra for fine-grained integration of XACML policies
Proceedings of the 14th ACM symposium on Access control models and technologies
Data Security in the World of Cloud Computing
IEEE Security and Privacy
Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance
Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance
SCC '09 Proceedings of the 2009 IEEE International Conference on Services Computing
A Taxonomy and Survey of Cloud Computing Systems
NCM '09 Proceedings of the 2009 Fifth International Joint Conference on INC, IMS and IDC
Accountability as a Way Forward for Privacy Protection in the Cloud
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Enabling public verifiability and data dynamics for storage security in cloud computing
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Evaluating access control policies through model checking
ISC'05 Proceedings of the 8th international conference on Information Security
Data leakage mitigation for discretionary access control in collaboration clouds
Proceedings of the 16th ACM symposium on Access control models and technologies
Towards end-to-end secure content storage and delivery with public cloud
Proceedings of the second ACM conference on Data and Application Security and Privacy
A privacy preserving authorisation system for the cloud
Journal of Computer and System Sciences
An efficient and secure data sharing framework using homomorphic encryption in the cloud
Proceedings of the 1st International Workshop on Cloud Intelligence
On the design and development of webinos: a distributed mobile application middleware
DAIS'12 Proceedings of the 12th IFIP WG 6.1 international conference on Distributed Applications and Interoperable Systems
A survey on security issues and solutions at different layers of Cloud computing
The Journal of Supercomputing
An efficient and secure approach for a cloud collaborative editing
Journal of Network and Computer Applications
| Hi-index | 0.00 |
Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. While cloud computing is expanding rapidly and used by many individuals and organizations internationally, data protection issues in the cloud have not been carefully addressed at current stage. In the cloud, users' data is usually processed remotely in unknown machines that users do not own or operate. Hence, users' fear of confidential data (particularly financial and health data) leakage and loss of privacy in the cloud becomes a significant barrier to the wide adoption of cloud services. To allay users' concerns of their data privacy, in this paper, we propose a novel data protection framework which addresses challenges during the life cycle of a cloud service. The framework consists of three key components: policy ranking, policy integration and policy enforcement. For each component, we present various models and analyze their properties. Our goal is to provide a new vision toward addressing the issues of the data protection in the cloud rather than detailed techniques of each component. To this extent, the paper includes a discussion of a set of general guidelines for evaluating systems designed based on such a framework.