Author :
Msahli, Mounira ; Serhrouchni, Ahmed
Author_Institution :
INFRES, Telecom Paristech, Paris, France
Abstract :
Data security is core concerns of hardware and software implementations. It is impacted not only by network architecture but also by access control mechanisms. In literature, there are several access control models such as the Mandatory Access Control (MAC), the Discretionary Access Control (DAC), the Role-Based Access Control (RBAC) and the latest one Usage Control Authorization, oBligation and Condition (UCONabc). We have already introduced the Profile centric modeling in previous work. In this paper we focus on the profile centric modeling using graph formalism and its implementation using matrixes. We already defined the profile as the combination of all possible authorization, obligation, condition, role, etc. and other access parameters like attributes that we can found in Cloud system. In this paper, we discuss its application, its complexity and its implementation based on Hadoop Distributed File System and using three matrixes (profile definition, profile inheritance and user assignment). The Profile centric modeling is an optimum paradigm to define access control policy in complex distributed and elastic system like cloud computing: Safe Box as a service.
Keywords :
authorisation; cloud computing; graph theory; DAC; Hadoop distributed file system; MAC; PCM; RBAC; Safe Box as a service; UCONabc; cloud computing; data security; discretionary access control; graph formalism; mandatory access control; obligation and condition; profile centric modeling; profile definition; profile inheritance; role-based access control; usage control authorization; user assignment; Authorization; Cloud computing; Companies; Complexity theory; Computational modeling; Profile centric modeling; SBaaS; access control; complexity; graph; security;
Conference_Titel :
Granular Computing (GrC), 2014 IEEE International Conference on
Conference_Location :
Noboribetsu
DOI :
10.1109/GRC.2014.6982835
