Trust-based Secure Cloud Data Storage with Cryptographic Role-based Access Control

Lan Zhou; Vijay Varadharajan; Michael Hitchens

doi:10.5220/0004508600620073

Trust-based Secure Cloud Data Storage with Cryptographic Role-based Access Control

Lan Zhou, Vijay Varadharajan, Michael Hitchens

2013

Abstract

Role-based access control (RBAC) model is a widely used access control model which can simplify security management in large-scale systems. Recently, several cryptographic RBAC schemes have been proposed to integrate cryptographic techniques with RBAC models to secure data storage in an outsourced environment such as a cloud. These schemes allow data to be encrypted in such a way that only the users who are members of an appropriate role can decrypt and view the data. However, the issue of trust in such a data storage system is not addressed in these schemes. In this paper, we propose trust models to improve the security of such a system which uses cryptographic RBAC schemes. The trust models provide an approach for the users and roles to determine the trustworthiness of individual roles and owners in the RBAC system. The users can use the trust models to decide whether to join a particular role for accessing data in the system. The roles can use the trust models in their decision to ensure that only data from data owners with good behaviours are accepted by the roles. The proposed trust models take into account role inheritance and hierarchy in the evaluation of trustworthiness of the roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust models can be integrated into a system that uses cryptographic RBAC schemes.

Download

Paper Citation

in Harvard Style

Zhou L., Varadharajan V. and Hitchens M. (2013). Trust-based Secure Cloud Data Storage with Cryptographic Role-based Access Control . In Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013) ISBN 978-989-8565-73-0, pages 62-73. DOI: 10.5220/0004508600620073

in Bibtex Style

@conference{secrypt13,
author={Lan Zhou and Vijay Varadharajan and Michael Hitchens},
title={Trust-based Secure Cloud Data Storage with Cryptographic Role-based Access Control},
booktitle={Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)},
year={2013},
pages={62-73},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004508600620073},
isbn={978-989-8565-73-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)
TI - Trust-based Secure Cloud Data Storage with Cryptographic Role-based Access Control
SN - 978-989-8565-73-0
AU - Zhou L.
AU - Varadharajan V.
AU - Hitchens M.
PY - 2013
SP - 62
EP - 73
DO - 10.5220/0004508600620073