A symbolic attribute-based access control model for data security in the cloud
Abstract
There have been several attempts made in literature to develop access control techniques to stem data security problems. Many of these techniques had been found to have one deficiency or other. Hence, this study developed a Symbolic Attribute-Based Access Control (SABAC) system for data security in the cloud service environment. SABAC system was implemented by developing Hash-tag Symbol Authentication (HSA) algorithm using the Message Digest-5 encryption. SABAC utilizes a 3-Tier continuous authentication method by combining the use of username and password, HSA code, and real-time image monitoring and verification. HSA code is generated by combining 5-tuple user attributes and the string generated from the user’s image using Obfuscation Technique. The concatenated string is converted to hexadecimal which serves as input to MD5 to produces a unique HSA code. SABAC was evaluated using three major security metrics of confidentiality, integrity, and avail-ability. The result of security metrics tests showed a confidence level of 99.993%, integrity threshold of 99.998%, and availability throughput of 150 users/second. This implies that SABAC is highly efficient for cloud data security. It shows that hackers would find it impossible to match any fake identity with valid HSA in the database. The study concluded that SABAC could be used for access control in a cloud environment for assuring data security. It was recommended that the SABAC system should be adopted by Cloud Solution Providers and Security Specialists.
Downloads
References
Sandeep, B., “Cloud Computing.” University Printing House, Cambridge CB2 8BS, United Kingdom One Liberty Plaza, 20th Floor, New York: NY 10006, USA 477 Williamstown Road, Port Melbourne, Vic 3207, Australia 4843/24, 2nd Floor, Ansari Road, Daryaganj, Delhi – 110002, India 79 Anson Road, #06–04/06, Singapore 079906, 2017.
RSA, “The Current State of Cybercrime: An Inside Look at the Changing Threat Landscape,” 2014.
Teri, S., “Data Insecurity on the Rise.” The Verison Business Data Breaches Investigation Report, Financial Management Magazine. www.fm-magazine.com, 2020.
Vincent, C. H., Kuhn, D. R., & Ferraiolo, D. F., “Attribute-Based Access Control, “National Institute of Standards and Technology. CSDL Issue No. 02, pp 85-88, ISSN: 0018-9162, http://doi.ieeecomputersociety.org/10.1109/MC..33, 2015.
Xin, J., “Attribute-Based Access Control Models and Implementation in Cloud Infrastructure as a Service,” The University of Texas AT SAN ANTONIO College of Sciences Department of Computer Science, 2014.
Vincent, C. H., Kuhn, D. R., & Ferraiolo, D. F. “Guide to Attribute-Based Access Control (ABAC) Definition and Considerations,” NIST Special Publication, 2013.
Mikko, K.,”Enforcing Role-Based Access Control with Attribute-Based Cryptography for Environments with Multi-Level Security Requirements.” Aalto University publication series DOCTORAL DISSERTATIONS. Department of Information and Computer Science, Finland, 2016.
Khalid, Z.B., Ram, K., & Ravi, S.,” Constraints Specification in Attribute-Based Access Control, Institute for Cyber Security,” Department of Computer Science, the University of Texas at San Antonio, 2013.
Richard, K. D. & Edward, C. J.,” Adding Attributes to Role-Based Access Control,” 2010.
Jin, X., Krishnan, R., & Sandhu, R., “A Unified Attribute-Based Access Control Model Covering DAC, MAC, and RBAC,” .In DBSec, 2012.
Sandhu, R. S. & Samarati, P., “Access Control Principle and Practice,“ Communications Magazine, IEEE, vol 32. no 9, pp 40-48, 1994.
Parminder, S., & Sarpreet, S., “Cross Bread Role-based Access Control for Extended Security At Az-ure in Cloud Computing,” International Journal of Application or Innovation in Engineering & Management (IJAIEM): ISSN 2319 - 4847 www.ijaiem.org Email: editor@ijaiem.org, editorijai-em@gmail.com, 2013.
Masound, B., Mohammad, S.K., Soheil, L., & Azizallah, R., “A New Semantic Role-based Access Control Model for Cloud Computing,” The Ninth International Conference on Internet and Web Applica-tions and Services. ISBN: 978-1-61208-361-2, 2014
Alshehri, S., “Toward Effective Access Control Using Attributes and Pseudoroles,” The Ph.D. Program in Computing & Information Sciences B. Thomas Golisano College of Computing & Information Sciences Rochester Institute of Technology, 2014.
Kim, W., “Cloud Computing Trends: State of the Cloud Survey,” 2015.
Huihui, Y., “Cryptographic Enforcement of Attribute-Based Authentication.” The University of Agder, Faculty of Engineering and Science, 2016.
Djellali, B., Belarbi, K., Chouarfia, A., & Lorenz, P., “User Authentication Scheme Preserving Anonymity for Ubiquitous Devices. Security and Communication Networks, vol 8, no17, 2016.
Oyeyinka, F. I., Awodele, O., Kuyoro, S. & Oyeyinka, I. K.,. “The Design of Hybrid Cloud Migration Techniques,” 2nd National conference and 4th Induction ceremony of Nigeria Women in Information Technology, Abuja, Nigeria, 2016..
Seyed, M. D., & Sara, N., “Authentication Techniques in Cloud Computing: A Review,” International Journal of Advances Research in Computer Science and Software Engineering, vol 7, no 1, 2017.
Ako, M. A.,. “Advanced Encryption Standard (AES) algorithm to Encrypt and Decrypt Data,” Department of Applied Mathematics and Computer Science, Eastern Mediterranean University-Cyprus, 2017.
Imran, K., “An Introduction to the applications of cloud computing technology in academic libraries,” International Journal of Library Management and Services. ISSN:2349-6347; vol 4, no 2, pp 15-24, 2018
Yu, S., Yusuke, N., Noboru, K., & Kazuo, O., “Improved Collision Attacks on MD4 and MD5,” 2007.
Rajeev, S., & Geetha, G., “Cryptographic Hash Functions: A Review. School of Computer Science,” Lovely Professional University Phagwara, Punjab. International Journal of Computer Science (IJCSI), ISSN: 1694-0814, vol 9, no 2, pp 2, 2012.
Yu, S., & Kazumaro, A., “Finding Pre-images in Full MD5 Faster Than Exhaustive Search,” 2009.
Kanickam, L. H. S., & Jayasimman J., “Comparative Analysis of Hash Authentication Algorithms and ECC Based Security Algorithms in Cloud Data,” Asian Journal of Computer Science and Technology ISSN: 2249-0701, vol 8, no 1, pp 53-61, 2019.
This work is licensed under a Creative Commons Attribution 4.0 International License.