基于风险度量的社交云平台协作访问控制

2015 IEEE Trustcom/BigDataSE/ISPA Pub Date : 2015-08-20 DOI:10.1109/Trustcom.2015.458

Ahmed Bouchami, Elio Goettelmann, O. Perrin, C. Godart

{"title":"基于风险度量的社交云平台协作访问控制","authors":"Ahmed Bouchami, Elio Goettelmann, O. Perrin, C. Godart","doi":"10.1109/Trustcom.2015.458","DOIUrl":null,"url":null,"abstract":"Cloud computing promotes the exchange of information, resources and tasks between different organizations by facilitating the deployment and adoption of centralized collaboration platforms: Professional Social Networking (PSN). However, issues concerning security management are preventing their widespread use, as organizations still need to protect some of their sensitive data. Traditional access control policies, defined over the triplet (User, Action, Resource) are difficult to put in place in such highly dynamic environments. In this paper, we introduce risk metrics in existing access control systems to combine the fine-grained policies defined at the user level, with a global risk-policy defined at the organization's level. Experiments show the impact of our approach when deployed on traditional systems.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Enhancing Access-Control with Risk-Metrics for Collaboration on Social Cloud-Platforms\",\"authors\":\"Ahmed Bouchami, Elio Goettelmann, O. Perrin, C. Godart\",\"doi\":\"10.1109/Trustcom.2015.458\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing promotes the exchange of information, resources and tasks between different organizations by facilitating the deployment and adoption of centralized collaboration platforms: Professional Social Networking (PSN). However, issues concerning security management are preventing their widespread use, as organizations still need to protect some of their sensitive data. Traditional access control policies, defined over the triplet (User, Action, Resource) are difficult to put in place in such highly dynamic environments. In this paper, we introduce risk metrics in existing access control systems to combine the fine-grained policies defined at the user level, with a global risk-policy defined at the organization's level. Experiments show the impact of our approach when deployed on traditional systems.\",\"PeriodicalId\":277092,\"journal\":{\"name\":\"2015 IEEE Trustcom/BigDataSE/ISPA\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE Trustcom/BigDataSE/ISPA\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/Trustcom.2015.458\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Trustcom/BigDataSE/ISPA","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Trustcom.2015.458","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

云计算通过促进集中式协作平台:专业社交网络(PSN)的部署和采用，促进了不同组织之间信息、资源和任务的交换。然而，有关安全管理的问题阻碍了它们的广泛使用，因为组织仍然需要保护一些敏感数据。在三元组(用户、操作、资源)上定义的传统访问控制策略很难在这种高度动态的环境中实施。在本文中，我们在现有的访问控制系统中引入风险度量，将用户级别定义的细粒度策略与组织级别定义的全局风险策略结合起来。实验证明了我们的方法在传统系统上部署时的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Enhancing Access-Control with Risk-Metrics for Collaboration on Social Cloud-Platforms

Cloud computing promotes the exchange of information, resources and tasks between different organizations by facilitating the deployment and adoption of centralized collaboration platforms: Professional Social Networking (PSN). However, issues concerning security management are preventing their widespread use, as organizations still need to protect some of their sensitive data. Traditional access control policies, defined over the triplet (User, Action, Resource) are difficult to put in place in such highly dynamic environments. In this paper, we introduce risk metrics in existing access control systems to combine the fine-grained policies defined at the user level, with a global risk-policy defined at the organization's level. Experiments show the impact of our approach when deployed on traditional systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE Trustcom/BigDataSE/ISPA

自引率

0.00%

发文量