Title :
SaaS Access Control Research Based on UCON
Author :
Zhu, Junli ; Wen, Qiaoyan
Author_Institution :
State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
SaaS access control security issues become increasingly significant. How to ensure that user data´s confidentiality, integrity and scalability has become the focus problems. To solve this problem, we have studied the usage control (UCON) model which can achieve dynamic access control by mutability of attributes and continuity of decisions. SaaS access control needs the duribility of obligations. However, UCON does not have this feature. In order to achieve fine-grained, and secure access control preferably, we propose a UCON post-obligation model. At the same time, we use set theory and logic predicates to define the UCON post-obligation model. On that basis, we combine different UCON models and features of SaaS, and put forward a common access control flow to achieve the user data´s privacy protection.
Keywords :
authorisation; cloud computing; data privacy; formal logic; set theory; SaaS access control research; SaaS access control security issues; UCON post-obligation model; access control flow; dynamic access control; logic predicates; obligation duribility; set theory; software-as-a-service; usage control model; user data confidentiality; user data privacy protection; Authorization; Data privacy; Educational institutions; Access Control; SaaS; UCON;
Conference_Titel :
Digital Home (ICDH), 2012 Fourth International Conference on
Conference_Location :
Guangzhou
Print_ISBN :
978-1-4673-1348-3
DOI :
10.1109/ICDH.2012.50
