Communications of the ACM - Ontology: different ways of representing the same concept
An ontology-based knowledge management system for flow and water quality modeling
Advances in Engineering Software
Towards an Approach of Semantic Access Control for Cloud Computing
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Why cloud computing will never be free
Communications of the ACM
Activity-oriented access control to ubiquitous hospital information and services
Information Sciences: an International Journal
Review: A survey on security issues in service delivery models of cloud computing
Journal of Network and Computer Applications
OSNAC: An Ontology-based Access Control Model for Social Networking Systems
SOCIALCOM '10 Proceedings of the 2010 IEEE Second International Conference on Social Computing
Security and Privacy Challenges in Cloud Computing Environments
IEEE Security and Privacy
Hybrid Computing-Where HPC meets grid and Cloud Computing
Future Generation Computer Systems
An Efficient Role Based Access Control System for Cloud Computing
CIT '11 Proceedings of the 2011 IEEE 11th International Conference on Computer and Information Technology
DACC: Distributed Access Control in Clouds
TRUSTCOM '11 Proceedings of the 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications
Payment Status and Service Level Agreement Based Access Control Method in Cloud Service Business
ICGEC '12 Proceedings of the 2012 Sixth International Conference on Genetic and Evolutionary Computing
| Hi-index | 0.00 |
Cloud service is a new and distinctive business model for service providers. Access control is an emerging and challenging issue in supporting cloud service business. This work proposes a new access control mechanism called cloud service access control (CSAC). The CSAC mechanism considers payment status and service level as the two essential characteristics of cloud service. Ontology is a theoretical foundation for the CSAC mechanism. Inconsistent access control policies are detected by a set of proposed policy conflict analysis rules. Inappropriate user accesses are inhibited by access control policies according the proposed access denying rules. System architecture is designed to support the CSAC mechanism. A case study is provided to demonstrate how CSAC works. Finally, an evaluation is conducted to measure the concept explosion issue in CSAC.