A role-based access control approach to HDFS-based cloud storage system

Cited by: 0
Authors
Zhang, Feifan [1]
Gu, Junzhong [1]
Wang, Wenbin [1]
Affiliation
[1] Department of Computer Science and Technology, East China Normal University, Shanghai
Source
Journal of Computational Information Systems | 2015 / Vol. 11 / No. 05
Keywords
Access control; Cloud storage; Data isolation; Data sharing; HDFS; RBAC;
DOI
10.12733/jcis13889
Abstract
Access control is an important way to ensure multiuser usage, and especially to guarantee data security in cloud storage systems. However, existing access control methods are not well suited to the cloud environment. In this paper, a flexible access control approach based on RBAC (Role-Based Access Control) in an HDFS-based (Hadoop Distributed File System) cloud storage system is proposed. To achieve secure access control, subject security labels and object security labels are first designed to determine, based on the permission judging algorithm, whether the subject has access to the object. Then, the GROUP concept is adopted to deal with the problem of data sharing in the cloud storage system. After that, the design and implementation of access control based on HDFS are presented. Finally, this paper presents the experimental analysis, including security analysis and the performance of the security access control policy. In a proof-of-concept HDFS-based cloud storage system, the effectiveness of the access control policy in data isolation and data sharing is well demonstrated. Copyright © 2015 Binary Information Press.
Pages: 1903 / 1913
Page count: 10