- Cyber Security Challenges and Opportunities in the Context of Pakistan - 2015-03-04
- Papers presented in ICOSST held at UET Lahore - 2014-12-18
- A Journal Paper Accepted in The computer Journal, Oxford Journals - 2014-12-08
- SpringerOpen journal Paper published - 2014-11-11
- NUST Intra Research Conference - 2014-11-08
Self-Adaptive Access Control Delegation in Cloud Computing
In a dynamic cloud-computing environment, a lot of different Cloud Service Providers (CSPs) have to establish trusted relationships with each other, at runtime, in order to use each other’s resources. Through this relationship, end users can not only use resources of other trusted CSPs, but could also delegate access control to end users of other CSPs. There exist many frameworks and models to assist in delegating access control, but none of them handle uncertainty.
We’ve proposed a self-adaptive framework that caters for unprecedented conditions, i.e., conditions or situations that weren’t identified at the time of requirements engineering. For example, our framework uses a risk score for each user, on the basis of which the user may or may not be delegated the access. Frameworks proposed in the literature would handle only a certain pre-defined range of risk score, and either permit or deny access delegation, but our framework is self-adaptive, it even caters for the risk score that wasn’t defined at requirements engineering time, and based on user history and other situational factors adapts to this new risk score and then makes a decision on whether or not to allow access delegation.