Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
HPCC '08 Proceedings of the 2008 10th IEEE International Conference on High Performance Computing and Communications
The next 700 access control models or a unifying meta-model?
Proceedings of the 14th ACM symposium on Access control models and technologies
Cloud Security: A Comprehensive Guide to Secure Cloud Computing
Cloud Security: A Comprehensive Guide to Secure Cloud Computing
Model-based refinement of security policies in collaborative virtual organisations
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Concrete- and abstract-based access control
International Journal of Information Security
Policy hierarchies for distributed systems management
IEEE Journal on Selected Areas in Communications
Logical approaches to authorization policies
Logic Programs, Norms and Action
An access control framework for hybrid policies
Proceedings of the 6th International Conference on Security of Information and Networks
| Hi-index | 0.00 |
In Cloud environments, Cloud users have the possibility to put their sensitive data on Cloud servers, which opens the door to security challenges concerning data protection. In this context, access control is of vital importance, since it provides security mechanisms to protect against inappropriate access to data. Unfortunately, classical access control models such as DAC, MAC, RBAC or ABAC are not sufficiently expressive for highly flexible and dynamic environments such as those found in the Cloud. Often, a combination of elements of these models is necessary in order to properly express varied data protection needs. In this paper, we present a new approach called CatBAC (Category Based Access Control), for building dedicated access control models starting from an abstract meta-model. Hence, in our approach, a meta-model can be refined in accordance with the high level security policies of each specific user. Our framework for building access control models can be implemented as a Cloud service and Cloud providers will then apply different concrete access control models produced by each user to process its incoming access requests.