Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Securing Cloud Computing Using Access Control Systems: A Comprehensive Review

  • Conference paper
  • First Online:
Forthcoming Networks and Sustainability in the AIoT Era (FoNeS-AIoT 2024)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 1036))

  • 105 Accesses

Abstract

Access control management systems play a crucial role in the infrastructure of cloud computing, relying on providing and managing access to computer resources. These systems employ strict access control procedures to guarantee the security and privacy of data. Service providers have the authority to establish and implement access policies, giving individuals and entities certain permissions. This entails confirming user identities, assigning the proper rights, and keeping an eye on activity via tracking and evaluating. An overview of the access control concept is given in this study, with an emphasis on role-based access control. It provides a thorough explanation of this kind of access control system and presents a few recent examples of how this idea is being used in successful works.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Mohammed, S.J., Taha, D.B.: From cloud computing security towards homomorphic encryption: a comprehensive review. TELKOMNIKA (Telecommunication Computing Electronics and Control) 19(4), 1152–1161 (2021)

    Article  Google Scholar 

  2. Sun, P.: Security and privacy protection in cloud computing: Discussions and challenges. J. Netw. Comput. Appl. 160, 102642 (2020)

    Article  Google Scholar 

  3. Verma, D.K., Sharma, T.: Issues and challenges in cloud computing. Int. J. Adv. Res. Comput. Commun. Eng. 8, 188–195 (2019)

    Google Scholar 

  4. Puri, G.S., Tiwary, R., Shukla, S.: A review on cloud computing. In: 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence). IEEE (2019)

    Google Scholar 

  5. Yan, L., Hao, X., Cheng, Z., Zhou, R.: Cloud computing security and privacy. In: Proceedings of the 2018 International Conference on Big Data and Computing, pp. 119–123 (2018). https://doi.org/10.1145/3220199.3220217

  6. Mohammed, S.J., Taha, D.B.: Privacy preserving algorithm using Chao-Scattering of partial homomorphic encryption. In: Journal of Physics: Conference Series, Vol. 1963, No. 1, p. 012154. IOP Publishing (2021)

    Google Scholar 

  7. Subramanian, N., Jeyaraj, A.: Recent security challenges in cloud computing. Comput. Electr. Eng. 71, 28–42 (2018)

    Article  Google Scholar 

  8. Tabrizchi, H., Kuchaki Rafsanjani, M.: A survey on security challenges in cloud computing: issues, threats, and solutions. J. Supercomput. 76, 9493–9532 (2020)

    Article  Google Scholar 

  9. Kumar, G.: A review on data protection of cloud computing security, benefits, risks and suggestions. United Int. J. Res. Technol. 1(2), 26–34 (2019)

    Google Scholar 

  10. Ahmed, I.: A brief review: security issues in cloud computing and their solutions. TELKOMNIKA Telecommunication, Computing, Electronics and Control 17(6), 2812–2817 (2019). https://doi.org/10.12928/telkomnika.v17i6.12490

    Article  Google Scholar 

  11. Basu, S., Bardhan, A., Gupita, K., Saha, P.: Cloud computing security challenges & solutions-a survey. In: IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC), 347–356 (2018). https://doi.org/10.1109/CCWC.2018.8301700

  12. Mohammed, S.J., Taha, D.B.: Paillier cryptosystem enhancement for Homomorphic Encryption technique. Multimedia Tools and Applications, 1–13 (2023)

    Google Scholar 

  13. Mohammed, S.J., Taha, D.B.: Performance evaluation of RSA, ElGamal, and paillier partial homomorphic encryption algorithms. In: 2022 International Conference on Computer Science and Software Engineering (CSASE), pp. 89–94. IEEE (2022)

    Google Scholar 

  14. Gill, S.H., et al.: Security and privacy aspects of cloud computing: a smart campus case study. Intell. Autom. Soft Comput. 31(1), 117–128 (2022)

    Google Scholar 

  15. El Sibai, R., et al.: A survey on access control mechanisms for cloud computing. Trans. Emerg. Telecommun. Technolo. 31(2), e3720 (2020)

    Google Scholar 

  16. Mahmood, N.Z., Ahmed, S.R., Al-Hayaly, A.F., Algburi, S., Rasheed, J.: The evolution of administrative information systems: assessing the revolutionary impact of artificial intelligence. In: 2023 7th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), pp. 1–7. Ankara, Turkiye (2023)

    Google Scholar 

  17. Sifou, F., Kartit, A., Hammouch, A.: Different access control mechanisms for data security in cloud computing. In: Proceedings of the 2017 International Conference on Cloud and Big Data Computing (2017)

    Google Scholar 

  18. Agrawal, N., Tapaswi, S.: A trustworthy agent-based encrypted access control method for mobile cloud computing environment. Pervasive Mobile Comput. 52, 13–28 (2019)

    Article  Google Scholar 

  19. Charanya, R., Aramudhan, M.: Survey on access control issues in cloud computing. In: 2016 International Conference on Emerging Trends in Engineering, Technology and Science (ICETETS), pp. 1–4. Pudukkottai, India (2016). https://doi.org/10.1109/ICETETS.2016.7603014

  20. Ahmed, S.R., Ahmed, A.K., Jwmaa, S.J.: Analyzing the employee turnover by using decision tree algorithm. In: 2023 5th International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA) (2023)

    Google Scholar 

  21. Cai, F., Zhu, N., He, J., et al.: Survey of access control models and technologies for cloud computing. Cluster Comput 22(Suppl 3), 6111–6122 (2019)

    Article  Google Scholar 

  22. Kashmar, N., Adda, M., Atieh, M.: From access control models to access control metamodels: a survey. In: Advances in Information and Communication: Proceedings of the 2019 Future of Information and Communication Conference (FICC), Volume 2. Springer International Publishing (2020)

    Google Scholar 

  23. Xu, J., et al.: Role-based access control model for cloud storage using identity-based cryptosystem. Mobile Netw. Appl. 26, 1475–1492 (2021)

    Google Scholar 

  24. O’Connor, A., Loomis, R.: Economic analysis of role-based access control (No. RTI Project Number 0211876), p. 132. RTI International (2010)

    Google Scholar 

  25. Uddin, M., Islam, S., Al-Nemrat, A.: A dynamic access control model using authorising workflow and task-role-based access control. Ieee Access 7, 166676–166689 (2019)

    Article  Google Scholar 

  26. Harnal, S., Chauhan, R.K.: Efficient and Flexible Role-Based Access Control (EFRBAC) Mechanism for Cloud. EAI Endorsed Trans. Scalable Info. Sys. 7(26), e1–e1 (2020)‏

    Google Scholar 

  27. Alshamsi, A.S., Maamar, Z., Kuhail, M.-A.: Towards an approach for weaving open digital rights language into role-based access control. In: 2023 International Conference on IT Innovation and Knowledge Discovery (ITIKD). IEEE (2023)

    Google Scholar 

  28. Wang, W., et al.: The design of a trust and role based access control model in cloud computing. In: 2011 6th International conference on pervasive computing and applications. Ieee (2011)

    Google Scholar 

  29. Dongdong, L., et al.: Role-based access control in educational administration system. In: MATEC Web of Conferences. Vol. 139. EDP Sciences (2017)

    Google Scholar 

  30. Bouadjemi, A., Abdi, M.K.: Towards an extension of RBAC model. Int. J. Comput. Digi. Sys. 10, 1–11 (2020)

    Google Scholar 

  31. Huang, H., et al.: Handling least privilege problem and role mining in RBAC. Journal of Combinatorial Optimization 30, 63–86 (2015)

    Google Scholar 

  32. Aftab, M.U., et al.: Permission-based separation of duty in dynamic role-based access control model. Symmetry 11(5), 669 (2019)

    Google Scholar 

  33. Lu, S., et al.: Implementing web-based e-Health portal systems. Department of Computer Science and CIISE. Concordia University (2017)

    Google Scholar 

  34. Abdulateef, O.G., Abdullah, A.I., Ahmed, S.R., Mahdi, M.S.: Vehicle license plate detection using deep learning. In: 2022 International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT) (2022)

    Google Scholar 

  35. Tianyi, Z., Weidong, L., Jiaxing, S.: An efficient role based access control system for cloud computing. In: 2011 IEEE 11th International Conference on Computer and Information Technology, pp. 97–102. Paphos, Cyprus (2011). https://doi.org/10.1109/CIT.2011.36

  36. Tang, Z., et al.: A new RBAC based access control model for cloud computing. In: Advances in Grid and Pervasive Computing: 7th International Conference, GPC 2012, Hong Kong, China, May 11–13, 2012. Proceedings 7. Springer Berlin Heidelberg (2012)

    Google Scholar 

  37. Uzun, E., et al.: Analyzing temporal role based access control models. In: Proceedings of the 17th ACM symposium on Access Control Models and Technologies (2012)

    Google Scholar 

  38. Ferrara, A.L., et al.: Vac-verifier of administrative role-based access control policies. In: Computer Aided Verification: 26th International Conference, CAV 2014, Held as Part of the Vienna Summer of Logic, VSL 2014, Vienna, Austria, July 18–22, 2014. Proceedings 26. Springer International Publishing (2014)

    Google Scholar 

  39. Zhou, L., Varadharajan, V., Hitchens, M.: Achieving secure role-based access control on encrypted data in cloud storage. IEEE Trans. Inf. Forensics Secur. 8(12), 1947–1960 (2013). https://doi.org/10.1109/TIFS.2013.2286456

    Article  Google Scholar 

  40. Ranise, S., Truong, A., Viganò, L.: Automated analysis of RBAC policies with temporal constraints and static role hierarchies. In: Proceedings of the 30th Annual ACM Symposium on Applied Computing (2015)‏

    Google Scholar 

  41. Yaseen, B.T., Kurnaz, S., Ahmed, S.R.: Detecting and classifying drug interaction using data mining techniques. In: 2022 International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT) (2022)

    Google Scholar 

  42. Huang, L., Xiong, Z., Wang, G.: A trust-role access control model facing cloud computing. In: 2016 35th Chinese Control Conference (CCC). IEEE (2016)

    Google Scholar 

  43. Ghafoorian, M., Abbasinezhad-Mood, D., Shakeri, H.: A thorough trust and reputation based RBAC model for secure data storage in the cloud. IEEE Trans. Parallel Distrib. Syst. 30(4), 778–788 (2018)

    Article  Google Scholar 

  44. Shahen, J., Niu, J., Tripunitara, M.: Cree: a performant tool for safety analysis of administrative temporal role-based access control (ATRBAC) policies. IEEE Trans. Dependable Secure Comput. 18(5), 2349–2364 (2019)

    Google Scholar 

  45. Baig, U., et al.: Secure role based access control data sharing approach and cloud environment.‏ IRJMETS (International Research Journal of Modernization in Engineering Technology and Science) 5(3), 7.868 (2023)

    Google Scholar 

Download references

Acknowledgements

The authors are very grateful to the University of Mosul/College of Computer Science and Mathematics for their facilities, which helped improve the quality of this work.

Author information

Authors and Affiliations

  1. Department of Computer Science, College of Computer Science and Mathematics, University of Mosul, 41002, Mosul, Iraq

    Alaa J. Mohammed & Saja J. Mohammed

Authors
  1. Alaa J. Mohammed
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Saja J. Mohammed
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alaa J. Mohammed .

Editor information

Editors and Affiliations

  1. Department of Computer Engineering, Istanbul Sabahattin Zaim University, Istanbul, Türkiye

    Jawad Rasheed

  2. Council for Scientific and Industrial Research (CSIR), Pretoria, South Africa

    Adnan M. Abu-Mahfouz

  3. School of Electronics, Electrical Engineering and Computer Science, Queen's University Belfast, Belfast, UK

    Muhammad Fahim

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mohammed, A.J., Mohammed, S.J. (2024). Securing Cloud Computing Using Access Control Systems: A Comprehensive Review. In: Rasheed, J., Abu-Mahfouz, A.M., Fahim, M. (eds) Forthcoming Networks and Sustainability in the AIoT Era. FoNeS-AIoT 2024. Lecture Notes in Networks and Systems, vol 1036. Springer, Cham. https://doi.org/10.1007/978-3-031-62881-8_9

Download citation

Publish with us

Policies and ethics

Search

Navigation