KTH-SEECS Applied Information Security Lab

National University of Sciences and Technology (NUST)

User Centric Access Control Policy Management Framework for Cloud Applications

Domain:Access Control, Cloud Computing Security

Status: Active
Contact Person(s): Misbah Irum , Abdul Ghafoor Abbasi

Date of Completion: December, 2014 

The online availability, variety and easy access of Cloud applications allow users to create, upload and store numerous resources across the Cloud. However, Protection of these resources from different security threats in Cloud environment is still a serious concern for the Cloud users. Cloud applications provide diverse and complex authorization and access control mechanisms to different Cloud users. Moreover, Access control is limited and tightly bound to the functionality of the applications and does not cater the access control requirements of individual users. Securing every resource with different access control solutions is a tedious task and results in poorly protected resources susceptible to unauthorized access and different other security threats. Therefore, it is required to develop an access control solution which allows users to control the access control specification process for the better protection and management of their resources scattered across the Cloud.


In order to provide users with full control over their resources we proposed a User centric access control policy management framework. The proposed framework externalizes access control from Cloud applications and provides users with a policy specification module to create and manage access control polices and an authorization server to store and evaluate policies to generate access control decisions. The major objective of the designed framework is to enable users to specify access control on their resources according to their security and access control requirements. This facilitates users by providing them with the features to specify fine grained access control on resources, which is usually not incorporated in many Cloud applications. Furthermore, the framework allow users to create, store and manage access control polices on different resources from a unified control point irrespective of their location on the Cloud. As a result users feel more confident about the protection of their resources hosted on the Cloud and in turn
increase their trust on the Cloud environment.

 


Project Documents:

  1. Absract  (PDF)
  2. Presentation  (PDF)
  3. Publication

      ► "User Centric Access control Policy Management Framework for Cloud Applications" (Link)